Information System Security Manager at American Rheinmetall
Auburn Hills, Michigan, United States
Full Time


Start Date

Immediate

Expiry Date

18 Jun, 26

Salary

0.0

Posted On

20 Mar, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Risk Management Framework, RMF Process, Authority to Operate, ATO Process, DoD Regulations, Continuous Monitoring, ConMon, POA&M, A&A Activities, NIST 800-53, eMASS, Data Transfer Agent, Incident Response, System Security Plan, SOP, SSP

Industry

Defense and Space Manufacturing

Description
American Rheinmetall is a leader in the design, development, and production of advanced tracked and wheeled vehicles, vehicle systems, and critical components that support U.S. military modernization. Our expertise spans electronic and mechanical systems, fabricated structures, armored products, rubber solutions, and track systems, delivering reliable innovation to both defense and commercial markets. As part of the global Rheinmetall family, we combine proven heritage with forward-looking technology to provide solutions that defend and feed the world.

Job Summary:
The Information System Security Manager (ISSM) is responsible for upholding the Authority to Operate (ATO) process ensuring classified computing environment meets all DoD regulations and requirements. This role will collaborate with the DCSA ISP, AR FSO, Program Managers, Engineers, and other groups as needed within the company.

Essential Functions:
* Responsible for the Risk Management Framework (RMF) process as stipulated by the 32 CFR Part 117 - National Industrial Security Operating Manual (NISPOM), and the DCSA Assessment and Authorization Guide (DAAG).
* Monitor RMF compliance by performing periodic self-inspections, tests, and reviews of information systems to ensure classified environment is operating as authorized.
* Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis.
* Perform Assessment and Authorization (A&A) activities such as information system certification testing of required configuration controls and preparing and maintaining various documentation such as: Standard Operating Procedures (SOP), System Security Plan (SSP), Risk Assessment Report (RAR), Security Controls Traceability Matrix (SCTM), etc
* Manages and maintains Continuous Monitoring (ConMon)/Plan of Action and Milestones (POA&M) reports
* Perform as a Data Transfer Agent loading unclassified files to the classified environment
* Responsible for security sustainment activities including hardware change management, software change management, account management, media protection, user interface, file transfers, etc
* Assists the FSO and Computer Incident Response Team (CIRT) in data spill incident response
* Maintain thorough understanding of NIST 800-53 controls, determines controls applicable to the application, and documents control implementation in the SCTM
* Perform other tasks as needed

Supervisory Responsibilities:
Does this position supervise others? No

Minimum Qualifications:
* Active Secret security clearance
* Familiarity with eMASS and RMF process
* Demonstrated strong critical thinking and problem-solving skills
* Detail oriented and self-motivated
* Ability to effectively prioritize multiple projects
* Ability to work with people in a team environment and deal effectively with changing project priorities

Education & Experience
* Bachelor’s degree or equivalent experience
* 3-5 years of experience as an ISSO or System Administrator role
* Strong organizational and communication skills

Background Prerequisites:
Must undergo and meet company standards for background check, employment verification, reference checks, physical, and controlled substance testing.

Preferred Qualifications:
* 3-5 years of experience as an ISSO or System Administrator
* Experience using eMASS and knowledge of RMF process
* Knowledge of Data Transfer Agent
* Ability to effectively prioritize multiple projects
* Ability to work with people in a team environment and deal effectively with changing project priorities

Working Conditions and Physical Demands
With or without reasonable accommodation requires the physical and mental capacity to perform effectively all essential functions. In addition to other demands, the demands of the job include:
* For physical requirements, indicate Rarely, Occasionally, Frequently, or Continuously where possible
* Rarely: exists, but not on a regular basis
* Hazards, tasks, PPE, ergonomic concerns, travel requirements, workspace (close proximity to others)
* Ability to lift up to 25 pounds occasionally

Equal Employment Opportunity Statement:
American Rheinmetall provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sex (including pregnancy), gender identity, national origin, age, disability, or marital status, in accordance with applicable federal, state and local laws. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Responsibilities
The Information System Security Manager is primarily responsible for upholding the Authority to Operate (ATO) process, ensuring classified computing environments comply with all DoD regulations and requirements through the Risk Management Framework (RMF) process. This role involves monitoring RMF compliance, performing continuous security posture maintenance, and executing Assessment and Authorization (A&A) activities, including testing and documentation.