QUALIFICATIONS YOU MUST HAVE:

• Active and transferable U.S. government issued Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
• Typically requires a University Degree and minimum 8 years prior relevant experience or an Advanced Degree in a related field and minimum 5 years of experience or in absence of a degree, 12 years of relevant experience.
• Past direct leadership or project/program management experience
• Cybersecurity, systems security or hardening
• Compliance-based auditing using the Risk Management Framework (RMF) and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA
• Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics)
• Physical security/security, policework/criminal justice, investigations, or Border Patrol
• Project or program management, office management, senior administration, or account management
• Important note: Within six months of hire date, you must obtain and maintain a Security professional certification commensurate with IAM Level III certification.

QUALIFICATIONS WE PREFER:

• Master’s Degree in Computer Science, Information Systems, Information Technology, Cyber Security, Criminal Justice, Business or other relevant degree
• Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.
• Experience working with the customer, both internal and external in the development of Basis of Estimates (BOE’s) and contract negations
• Experience with any of the following: NISPOM, JSIG/RMF, and ICD-503 or equivalent requirements to include technical computer/network system auditing
• Experience in professional engagements with internal and external customers (i.e., AOs, DAOs, SCAs, Program Managers, etc.), to include negotiating controls/requirements with government Contracting Activities

POSITION ROLE TYPE:

Onsite

Our team in Richardson, Texas is seeking an Information System Security Manager (ISSM). The Information Systems Security Manager is responsible for compliance oversight, assessment, and operations of systems under their purview. They may be assigned to a single large-scale program or oversee multiple programs.

• Must have knowledge regarding National Industrial Security Operating Manual (NISPOM) and related documentation such as:
• Risk Management Framework (RMF),
• Baseline Technical Security Configuration Standards,
• Defense Counter-Intelligence Security Agency (DCSA)
• Assessment and Authorization Process Manual (DAAPM)
• Customer/contract specific Cybersecurity regulations.
• Joint Special Access Program Implementation Guide (JSIG)

Components of the cybersecurity (CS) program include Assessment and Authorization (A&A) activities (documentation preparation, system configuration/validation, certification testing, etc.), security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.), conducting self-inspections, and delivering information systems security education and awareness.
* This position is onsite in Richardson, TX, and a relocation package is available if needed. *

WHAT YOU WILL DO:

• ISSMs are required to maintain IAM Level III certification commensurate with their role as required by DoDD 8140 (8570).
• Complete all DCSA and Collins Aerospace required training within 6 months of appointment (annual requirements thereafter).
• Accountability for all systems under their assigned purview.
• Maintaining a working knowledge of all CIS functions, security policies, technical security safeguards, and operational security measures.
• Interactions with DCSA SCA/ISSP to track items including, but not limited to, upcoming authorizations (ATO), new technologies solutions (i.e., new SIEM, OS, etc.), policy interpretations (in conjunction with Site ISSM), and onsite A&A.
• Developing, maintaining, and updating, in coordination with all system stakeholders (CS Manager, ISO, DT, etc.), applicable site POAM(s) to identify system weaknesses, mitigating actions, resources, and timelines for corrective actions.
• Coordinating DCSA SVA preparation activities for assigned CAGE in conjunction with Site ISSM.