What are the responsibilities and job description for the Information Systems Security Manager (ISSM) position at synapse business systems?
Title: Information Systems Security Manager
Location: Chantilly, VA (100% On-Site)
Terms: Full-Time/Permanent
Clearance: Active TS/SCI with FSP (Full-Scope Polygraph), must have
Salary: Market Salary
Our client is seeking a full-performance Information Systems Security Manager (ISSM) in the Chantilly, VA area to work with their customer’s network security and accreditation team.
An ideal candidate will have direct experience in an ISSO or information security engineer (ISSE) role and must have excellent attention to detail. This position will work heavily with authorization to operate (ATO) and Federal Risk and Authorization Management Program (FedRAMP) package development.
Essential Duties and Responsibilities
- Lead and implement the Assessment & Authorization process under the Risk Management Framework for new and existing information systems
- Lead and plan for technology insertion by keeping up with new technologies and capabilities such as encryption, transport, networking, and routing, among other things
- Review assessment reports and assist projects in identifying security risks (technical and non-technical) and developing effective mitigation strategies such as Plans of Action and Milestones (POA&Ms)
- Support the development or modification of System Security Plans (SSPs), security requirements, and other support documents for the Assessment and Authorization process
- Assist projects in determining their security requirements by analyzing each project's business needs, and help evaluate industry offerings to identify products that meet security requirements
- Provide security review and approval for changes to accredited systems, such as installation of new software and opening network ports, network architecture concepts, etc.
- Provide recommendations for security approval for devices being brought into the Sponsor building
- Provide feedback to the Sponsor computer incident team to resolve cyber incidents
- Provide input to improve group processes by recording lessons learned and creating standard operating procedures
- Ensure all products and administrative documentation are completed and maintained to ensure continuity and historical reference.
Qualifications, Knowledge, and Critical Skills
- Familiarity with Authority and Accreditation (A&A) and C&A packages needed to obtain security approvals for system deployments into production state.
- Demonstrated experience reviewing assessment reports and assisting projects in identifying security risks, including technical and non-technical, and developing effective mitigation strategies, including Plan of Action and Milestones (POA&Ms).
- Demonstrated experience reviewing and authoring System Security Plan (SSP), security requirements, and other supporting documentation for the A&A process.
- Knowledge and ability to write and review NIST 800-53 controls.
- Experience running and interpreting Rapid7 Scans.
- Excellent problem-solving skills with keen attention to detail.
- Ability to effectively communicate complex technical concepts to non-technical stakeholders.
Education and Work Experience
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
- 10 years of experience in network security or related positions.
Desired Certifications and Licenses
- Other relevant cyber certifications (CompTIA Sec+, Net+, etc.) are a bonus.
Special Requirements
- TS/SCI clearance with a full-scope polygraph.
Job Type: Contract
Pay: $105,909.00 - $116,506.00 per year
Schedule:
- 8 hour shift
Experience:
- TS/SCI with Full-Scope Polygraph: 1 year (Required)
Security clearance:
- Top Secret (Required)
Ability to Commute:
- Chantilly, VA 20151 (Preferred)
Ability to Relocate:
- Chantilly, VA 20151: Relocate before starting work (Preferred)
Work Location: In person
Salary: $105,909 - $116,506