General Summary
COLSA is currently seeking experienced Information Systems Security Managers who wish to submit their resume for future positions at Redstone Arsenal. The ISSM will oversee the team that maintains the authorization of the systems throughout its lifecycle. Provide support and technical expertise related to Defense in Depth principles and technology in security engineering designs and implementation. Be responsible for drafting and maintaining ATO/ATC. The candidate will be able to fully support new and existing inspectable DoD programs. They will manage the Information Assurance team and their work products, ensuring high quality performance and deliverables.
*Principal Duties and Responsibilities (Essential functions)
- Ensure compliance with cyber security requirements in accordance with DoD and DoD Component cybersecurity and information assurance policies and guidance
- Support the PM in development of a POA&M and budget that addresses the implementation of cyber security requirements throughout the lifecycle of the system
- Lead and provide guidance for a cyber security team
- Support implementation of Risk Management Framework (RMF)
- Maintain and report systems assessment and authorization status and issues in accordance with DoD component guidance
- Coordinate with the organization’s security manager to ensure issues affecting the organization's overall security are addressed appropriately
- Continuously monitor the system or information environment for security-relevant events and configuration changes that negatively affect security posture
- Periodically assesses the quality of security controls implementation against performance indicators
- Immediately report any significant change in the security posture of the system, and recommended mitigations, to the Security Control Assessor (SCA) and AO
- Recommend to the SCA or AO a reassessment of any or all security controls at any time, as appropriate
- Ensure that SSE processes are aligned to, and adequately documented in the program's SEP and PPP, and are executed with sufficient rigor to ensure required security controls are implemented, resulting in the lowest level of residual risk to system operation
- Maintain situational awareness and initiate actions to improve or restore IA posture as well as conducting annual security reviews of all IA controls and a test of selected IA controls
- Train ISSOs within the team to grow their skillsets in the various aspects of Risk Management Framework and Accreditation/Authorization to include, but not limited to eMASS, SPLUNK, PO&AM generation, etc.
_At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefitshere. _
Required Skills
Required Experience
Required Qualifications:
- Bachelor’s degree in a related field.
- 10-12 years’ experience in cyber security or information assurance.
- Must be Certified Information Systems Security Professional (CISSP) certified.
- Experience with the certification and accreditation process.
- Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems.
- Knowledge of intrusion prevention and network access control tools/systems.
- Understanding of system audit principles and security risk assessment.
- Strong understanding of security policy advocated by the U.S. Government including the Department of Defense and appropriate civil agencies, e.g., NIST.
- General experience includes development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented.
- Must have a solid understanding of network infrastructure and mission assurance.
- Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB.
- Must have excellent communications skills and be capable of working with all levels of an organization.
- Must be a US Citizen and hold a current Secret DOD clearance.
Preferred Qualifications
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.