Provide programmatic support to the Information Systems Security Manager (ISSM) team in support of internal and external customer’s network and information security systems.
Maintain ISSM onboarding process and ensures new ISSMs obtain account accesses and training. Compiles and submits a monthly ISSM activity report to the customer.
Manage the ISSM team functions of monitoring the organization's security training status, verifying/approving/tracking of privileged user accounts, reviewing/approving of laptop security CONOPs, tracking of security incident response and mitigation, and tracking of Critical Action Tasks (CAT).
Be responsible for translating the ISSM business requirements into specific systems, applications or process designs.
Maintain the ISSM database for security related waivers and special access requests.
Act as an advocate for the client as the ultimate authority on the architecture designed to address client business problems.
Provide direction for design activities.
Coordinate the ISSM team's communications with Area Security Officers (ASOs) and Facility Security Officers (FSOs) to ensure InfoSec related items (e.g. Security Incidents, PEDs, Media & Equipment Movement, etc.) are properly addressed.
Conduct local site visits with ASOs to ensure that system and physical security policies are being enforced and provide documented findings to management for review.
TS/SCI w/ poly
Requires 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 5 to 7 years with PhD
Candidate shall demonstrate strong communication skills
Candidate shall have strong understanding of IT systems
Candidate shall demonstrate an understanding of security practices (e.g. virus identification and reporting)
Familiar with programmatic tools/databases used by ISSM team (e.g. Remedy, ServiceNow, etc.).
Familiar with customer’s environment and procedures
Candidate shall demonstrate experience working with and across teams and handling multiple projects at once
Candidate will ideally have professional security certifications (Examples: CISSP, CAP, Security +)