Information System Security Manager (ISSM)
Company: BAE Systems
Location: Sterling
Posted on: May 16, 2022
Job Description:
Join BAE Systems' Intelligence and Security sector and be a part of a team that enables our employees to support our customers and their missions. We are seeking an Information System Security Manager (ISSM) to join the security team in our Sterling, Virginia facility. The ISSM is the primary point of contact between the organization and the Cognizant Security Agency (CSA) on all aspects of Information Technology (IT) systems: security, risk management, assessment, and authorization. The ISSM is responsible for ensuring security principles, procedures, and practices under the Risk Management Framework (RMF) are applied to information systems. As an ISSM you will work in coordination with Senior Security Management, Customer Representatives, Program Managers, Information System Security Officers (ISSO), and System Administrators (SA) to maintain a strong information security posture. Your work will ensure information systems maintain compliance with applicable security directives and standards, such as ICD 503, NIST, CNSSI, and NISPOM.

The site ISSM is a member of the corporate security team and may be called on to assist the team with other security-related duties, such as self-inspections, investigations, user training, interpreting and applying corporate policy, etc. In the future the Sterling ISSM may become a direct supervisor of Information System Security Officers (ISSO).

The BAE Systems' Sterling facility is located near the intersection of the Dulles Toll Rd (Rt. 267) and Sully Rd (Rt. 28).

Occasional local travel may be required for work or training purposes (less than 5%).

The responsibilities of an ISSM include, but aren't necessarily limited to:
- Manage Information Assurance Program at the BAE Systems' Sterling, VA facility
- Act as primary point of contact with multiple CSAs on information and IT system security matters
- Protect information systems and data from threats and vulnerabilities
- Create and maintain system security documentation
- Implement, maintain, and monitor security controls
- Achieve and maintain Authorization to Operate classified information systems
- Assess technical and non-technical threats and mitigate vulnerabilities
- Provide security-related guidance to colleagues
- Maintain eligibility for personnel security clearance
- Perform other duties as assigned

For an extensive list of responsibilities and tasks that may be associated with the ISSM role, refer to the DCSA Assessment and Authorization Process Manual (DAAPM) or visit the DHS Cybersecurity & Infrastructure Security Agency (CISA) Cyber Jobs Glossary.

Required Education, Experience, & Skills

Required Education & Experience:
- 8+ years relevant technical or security experience with a Bachelor's or Master's degree in a related field
- 15+ years relevant technical or security experience and relevant certifications, but some or no college

Required Certification:
The candidate must hold an IAM Level 2, DoD 8570.01-M compliant certification (i.e. CAP, CASP+ CE, CISSP, GSLC, CCISO, or HCISSP).

Required Security Clearance:
Active Top Secret Clearance w/poly and Single Scope Background Investigation (SSBI) completed within the last 6 years.

Required Skills & Experience:
A qualified candidate for this position must have the ability to:
- Communicate clearly and concisely verbally and in writing
- Listen and ask clarifying questions as needed
- Speak in small and large group settings
- Draft clear, concise, and grammatically correct documentation
- Maintain complete and organized records
- Set and self-manage professional development & education goals
- Prioritize competing demands and complete tasks on schedule

A qualified candidate for this position must have experience with or an understanding of:
- The RMF process
- NIST 800 series, CNSSI 1253, NISPOM Chapter 8, and related publications
- Requirements gathering, designing, and implementing IT systems
- Drafting System Security Plans (SSP) and other Body of Evidence (BOE) documentation in support of an authorization package, such as boundary diagrams, operating procedures, etc.
- Documentation process tools such as Xacta and eMASS
- Implementing and monitoring technical, administrative, and operational security controls
- Performing risk assessment and risk mitigation for classified IT systems
- The Assessment and Authorization (A&A) process
- Collaborating with CSA representatives to maintain open communication
- Using network/system scanning tools and interpreting results
- Using Security Information and Event Management (SIEM) software
- Security incident management
- Security education, awareness, and training

Preferred Education, Experience, & Skills

In addition to the required skills for this position, a successful candidate will demonstrate some combination of knowledge, training, and hands-on experience with/in:
- The IC community
- IC community networks
- As an [assistant] FSO, CSSO, or CPSO
- Penetration testing
- Vulnerability Analysis
- Critical Incident Response
- COMSEC procedures
- Network design and network device configuration
- Hardware and software vendors
- Virtualized environments & virtualization technologies
- Cloud Security concepts
- McAfee Host Based Security System (HBSS) ePolicy Orchestrator (ePO) and Nessus Assured Compliance Assessment Solution (ACAS) systems
- Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM)
- CUI protection guidelines
- Insider Threat Programs

About BAE Systems Intelligence & Security

BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.

Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do, from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.

Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.
Keywords: BAE Systems, Sterling, Information System Security Manager (ISSM), IT / Software / Systems, Sterling, Virginia