Vacancy caducado!
Description
Job Description:The Information Technology Department is responsible for securing not only standard information technology infrastructure, but also an Industrial Control System (ICS)/Supervisory Control and Data Acquisition (SCADA) infrastructure. ISD is responsible for maintaining regulations and requirements governing federal IT security, addressing the increasing frequency and sophistication of cyber-attacks, and supporting an overarching effort of continuous organizational improvement and maturity. ITD maintains a continuous monitoring policy and a heightened focus on cyber security compliance and operations.JOB DESCRIPTION:This Cyber Security Program has a current need for an Information Systems Security Manager to be the ISSO Team Lead. The ISSO Team Lead will manage the overall security related policies, procedures, laws and regulations; create, document and implement various security plans and compliance documents to enforce Information Assurance principles.PRIMARY RESPONSIBILITIES- Develop, maintain and manage Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, and other relevant security documentation for existing and new systems.
- Conduct both technical and non-technical internal audits and testing to validate system and operational requirements compliance
- Use workflows to develop security artifacts
- Document, organize and implement security control requirements
- Identify current and new risks
- Prepare vulnerability test plans and coordinate the testing and result procedures
- Assess customer based solutions and provide recommendations for any improvements to current security posture
- Ability to review and write security related policies and procedures and influence policy
- Coordinate and communicate with multiple ISSOs to ensure compliance with regulations and internal policies.
- Maintain scheduling of IA related events, meetings, briefings and represent the Cybersecurity team as needed.
- Support, communicate, reinforce and defend the cybersecurity mission, values and culture of the organization.
- Support and coordinate Change and Control Boards and document meeting minutes and subsequent tasks. Provide feedback and approve all changes from the Cybersecurity perspective.
- Assist with management of Authorization and Assessment processes for multiple authorities to operate across multiple sites.
- Assist with the evaluation of changes or additions to the IS within the facility, determine security relevance, and make recommendations for approval or denial to these changes.
- Collaborate with Policy/Compliance Division to ensure that all IA procedures and processes are followed according to policy/protocol
- Candidate must be 8570.1M / 8140 compliant with certifications, preferably CISSP or Associate and RHCSA to correspond to an IA Management Level III designation.
- Must have 5+ years of work experience
- Must have past experience with, and demonstrate the skills and capabilities to successfully execute the duties and responsibilities of this position
- Must demonstrate a general commitment to excellence, a dedication to producing quality work results, and an ability to learn and apply new skills.
- Must be a flexible, positive and energetic team player; be able to work in a fast paced environment; adapt to changes tasking; and be able to work with minimal supervision
- Must be courteous and professional when interacting with colleagues and customers, demonstrate a solid ability to identify and solve problems, plan and prioritize personal tasking, effectively communicate verbally and in writing, and be able to work successfully in a team environment
- Experience leading a team of various skill levels.
- Minimum of 8 years of experience as an ISSO supporting major federal information systems/applications
- Knowledge with auditing security controls and financial processes
- Superior writing, communication and critical analysis skills
- Deep understanding of Information Assurance, Information Technology and Information Management concepts, processes and procedures
- ISC2 Certified Authorization Professional (CAP) or ISC2 Certified Cloud Security Professional (CCSP) certification or CompTIA Certified Advanced Security Practitioner (CASP+)
Vacancy caducado!