Information System Security Manager (ISSM)

Job Summary

North Stone is seeking an ISSM/ISSO to support an Air Force program. We are seeking motivated cybersecurity professionals to help us develop a secure information systems that will keep some of the most innovative projects safe. As a member of our team, you'll create system security plans, make cyber risk decisions, and conduct audits on classified information systems.

Job Duties And Responsibilities

• Develops, implements, and maintains data strategy to ensure quality and accessibility
• Develops/maintains the definition and documentation of architectural standards, reference architectures processes, operating models, and logical and physical data/associated data management resources
• Ensure unclassified systems follow government and APL regulations while still meeting program demands and operating in an accredited state.
• Lead all aspects of SSP development, maintenance, accreditation/re-accreditation, and oversight, including conducting periodic reviews to ensure compliance.
• Lead contact for IS security inspections, tests, and reviews by oversight authorities.
• Other duties as assigned.
  
  

Job Requirements (Education/Skills/Experience)

• Must be able to pass a NAC background check
• Have acquired a BS in Computer Science, Cyber Security, or a related field; 8 years of relevant cybersecurity experience;
• Must have and one of the following current certifications: CASP , CISSP, CISSP Associate, CAP, or GSLC.
• Have 3 years working with the RMF, DAAPM, NISPOM, JSIG or other equivalent security frameworks.
• Must understand Risk Management Framework and NIST 800-53 and how this aligns to FISCAM
• Must have familiarity with eMass, or like product, and methods for receiving an application only ATO
• Must be familiar with performing Security validation testing through a DevSecOps process and within the Cloud Environment
• Mush have experience with SI on implementing Static and Dynamic Code Security Scanning with products like SonarQube, Checkmarx, or Twistlock
• Must have at least 5-8 years DoD experience and worked in a numerous AF PMOs; understands documentation required from PMO to successfully implement a new system
• Ability to identify risks of implementing technology solutions and analyze the impact on achieving desired business outcomes
• Experience building sustainable and transferrable architecture for automated testing
• Expert level experience in documenting interface schema and detailed interface control documents (ICDs)
  
  

This contractor and subcontractor shall abide by the requirements of 41 CFR 60–1.4(a), 60–300.5(a) and 60–741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, or for inquiring about, discussing, or disclosing information about compensation. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

About Us

Diné Development Corporation (DDC) is the parent company of NOVA Corporation, DDC IT Services, Diné Source, BRIC, LLC, DDC 4C, and North Stone is 100% tribally owned by the Navajo Nation.

DDC is dedicated to providing outstanding services to its customers and employees. Our strength is in our ability to understand our client's needs and deliver a solution that will not only meet those needs but exceed their expectations. DDC strives to be innovative in all areas of business and is committed to technical excellence. Our corporate offices are located on the Navajo Nation reservation in Window Rock, Arizona, Chambersburg, Pennsylvania, Albuquerque, New Mexico, and Columbia, Maryland.

DDC through its subsidiaries provides unique, custom solutions to meet our customers’ communications and technology needs. Our solutions provide relevant capabilities using modern technology. At their most complex, they are multi-purpose systems that gather information from dozens of different sources. The information is presented to decision makers immediately, visually, clearly.