Information System Security Manager (ISSM) with Security Clearance Binghamton, NY,
Binghamton, NY
100,000 - 200,000
Job Description:
SUMMARY:
- Responsible for the development, deployment and execution of controls and defenses to ensure the security of company technology, information systems, and system deliverables.
- Develops and implements appropriate standards and criteria for hardware, software, access and encryption requirements
- Establishes system security designs and validates compliance requirements.
- Assesses and mitigates system security threats and risks throughout the program life cycle
- Performs system certification and accreditation planning, testing, and validation activities in coordination with government customers and IAW RMF requirements and best practices
- Supports secure systems operations and maintenance
- Conducts internal information technology system audits and risk assessments and reports findings and recommendations for corrective actions to management
- Executes first level responses and addresses reported or detected security incidents. Investigates and analyzes all response activities related to cyber incidents Interprets, analyzes, and reports all events and anomalies in accordance with directives, to include initiating, responding, and reporting discovered events
- Safeguards information against unauthorized use, infiltration, exfiltration, modification, destruction or disclosure of national security information
- Assist program personnel at offsite locations to ensure they meet USG certification requirements and are properly trained to execute the cybersecurity program effectively and maintain security compliance
- Excellent communications skills, oral and written
- Demonstrated strong critical thinking and problem-solving skills
- Self-motivated and possesses good written, verbal, listening and presentation skills, particularly in documenting evaluation results
- Confident personality with the ability to effectively prioritize multiple projects
- Ability to work with people in a team environment and deal effectively with changing project priorities
- Candidate must have demonstrated professional customer service skills
- Ability to balance information security requirements with mission, goals and culture is critical
- Bachelor's Degree in discipline and minimum 6 years of prior relevant experience or 2 years post-
- Secondary/ Associates Degree and a minimum of 8 years of prior related experience
- Graduate Degree and a minimum of 4 years of prior related experience
- Working knowledge of Risk Management Framework as defined in NIST 800-53 and CNSSI 1253
- Conducted vulnerability and compliance scanning for federal information systems In-depth knowledge and experience with technical configuration standards relating to information system security; experience configuring
- Windows operating systems, experience with server systems, thin client architecture, system virtualization and other related peripherals
- Extensive knowledge and experience with assessment & authorization (A&A) requirements as outlined in the NISPOM/DAAPM, JSIG, RMF, NIST and other USG IS/Security-related policies
- Knowledge and experience with configuration/certification and auditing/analysis of Windows
- Experience supporting various system configurations (Stand Alone, Local Area Networks, Wide Area Networks, Government, and Contractor connections)
- Experience with Interconnected Security Agreements (ISA), Network Security Plans (NSP), Memorandum of Agreement/Understanding (MOA/U)
- Experience in implementing Windows Active Directory Services, Group Policy
- Applied experience with Windows PowerShell.
- Experience with security information and event management (SIEM) and data loss prevention (DLP) solutions
- Experience with audit reviews such as: physical security, network and application, password administration, file access privileges, etc.
- Candidate must provide evidence of DoD 8570 IAM III compliance: CISSP, CISA, CISM, etc, and/or other equivalent or obtain requisite certification within 6 months of hire date
- Active DoD Secret Clearance is required, and must be able to obtain and maintain a Top Secret Clearance
- Must comply with all company security and data protection / usage policies and procedures.
- Personally responsible for proper marking and handling of all information and materials, in any form Shall not divulge any information, or afford access, to other employees not having a need-to-know.
- Shall not divulge information outside company without management approval
- All government and proprietary information will be accessed and stored electronically on company provided resources