Cybersecurity ISSM (Senior)

Thank you for your interest in Torch Technologies. We’re an award-winning, 100% employee-owned company based in Huntsville, Alabama. Recognized as a top 100 defense company, we’re dedicated to supporting our nation’s military. Our guiding principle, “Lighting the Pathway of Freedom,” reflects our commitment to excellence, cooperation, integrity, and reliability. As a Certified Evergreen ESOP, our dedication is to continuously develop and maintain our company’s success for the next century, securing a prosperous future for our employee-owners for generations to come. Join Torch and be a part of shaping the future!

Job Title

Cybersecurity ISSM (Senior)

Location

Alabama - Gunter Maxwell - Montgomery, AL US (Primary)

Job Description

Torch Technologies is seeking a Cybersecurity Information System Security Manager (ISSM) (Senior) to join a team that conducts advanced planning to achieve/maintain Authority to Operate (ATO) for systems assigned to the Air Force Human Resources Systems Division. This includes performing reviews and monitoring of Risk Management Framework (RMF) packages and oversight of 30K Common Control Indictors from the assessment of 4.8K Security Technical Implementation Guide checklist items, as outlined in the National Institute of Standards and Technology special publications, to ensure confidentiality, integrity, and availability of IT systems. This person will be responsible for accomplishing the 6-Step RMF process, developing test scripts, answering RMF controls in the Enterprise Mission Assurance Support Service (eMASS), developing security documentation, and other activities required to obtain an ATO for assigned systems. This position supports the AFLCMC/GB Business and Enterprise Systems Directorate (BES)/GBH Human Resources Systems Division at Randolph AFB, TX.

Responsibilities:

 

This position requires a highly motivated individual with experience in ensuring the appropriate operational security posture is maintained for the assigned IT. This includes the following related to maintaining situational awareness and initiating actions to improve or restore cybersecurity posture:

· Reviews and monitors security controls required to obtain an Authority to Operate (ATO) for assigned systems.

· Completes and maintains required cybersecurity certification IAW AFMAN 17-1303.

· Implements and enforces all AF cybersecurity policies, procedures, and countermeasures.

· Ensures all users have the requisite security clearances and need-to-know, complete annual cybersecurity training, and are aware of their responsibilities before being granted access to the IT according to AFMAN 17-1301;

· Maintains all authorized user access control documentation IAW the applicable AF Records Information Management System.

· Ensures software, hardware, and firmware complies with appropriate security configuration guidelines, e.g., security technical implementation guides/security requirement guides.

· Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.

· Coordinates changes or modifications with the system-level ISSM, SCA, and/or the Wing Cybersecurity office; and,

· Reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203, Cyber Incident Handling.

Job Requirements

Required Qualifications: 

• Education
  • Master’s or Doctorate Degree in a related field and 10 years of experience in the respective technical/professional discipline being performed, 5 years of which must be in the DoD.
  • OR Bachelor’s Degree in a related field and 12 years of experience in the respective technical/professional discipline being performed, 5 of which must be in the DoD.
  • OR 15 years of directly related experience with proper certifications as described in the PWS labor category performance requirements, 8 of which must be in the DoD.

 

• Specific Work Experience
  • Extensive knowledge and proficiency with the Risk Management Framework (RMF) and in accomplishing the 6-steps of the RMF process
  • Experience with developing test scripts and answering security controls in eMASS
  • Expert knowledge and proficiency with Cybersecurity best practices
  • Expert knowledge and understanding of Federal and DoD Cybersecurity regulations and policies
  • Experience with the implementation of new IT/Business System technologies to include but not limited to Cloud Infrastructure and Enterprise Resource and Planning (ERP) systems.
  • Must have experience with NIST SP 800-53 Security controls and the understanding of control implementations.
  • Must be willing to learn and use cybersecurity testing tools.

 

• Certifications
  • At a minimum, the successful candidate will meet the requirements IAW the DoD Cyber Workforce Framework (DCWF) foundational requirements to obtain and sustain a cybersecurity certification In accordance with DAFMAN 17-1305 DAF Cyberspace Workforce Management Program and must have and maintain one of the following Advanced ISSM certifications:
    • Certified Information Security Manager (CISM by ISACA) (Preferred)
    • Certified Information System Security Professional (CISSP by ISC2) (Preferred)
    • Certified Information Systems Security Officer (CISSO by UAT)
    • Federal IT Security Professional-Manager-NG (FITSP-M by FITSI)
    • GIAC Certified Incident Handler (GCHI by GIAC)
    • GIAC Certified Intrusion Analyst (GCIA by GIAC)
    • GIAC Cloud Security Automation (GCSA by GIAC)
    • GIAC Security Leadership Certification (GSLC by GIAC)
    • Global Industrial Cyber Security Professional (GICSP by GIAC)

​​​​​​​

• Security Clearance
  • Ability to obtain and maintain a DoD Secret Security Clearance.
• U.S. Citizenship required.

 

Preferred Qualifications:

• The following skills are highly desirable but not required for this position:
  • Agile principles, methodologies, and enabling technologies, e.g., CheckMarx, SonarQube, Fortify, Jira, Confluence, Kanban, Scrum, Jira, Jenkins, and Bitbucket.

 

U.S. Citizenship Required for this Position: Yes

Job Type: Regular

Security Clearance: Secret

Schedule:  M-F; 8-5

Work Location:  Randolph AFB, Texas

Travel: Yes, 0-10%

Relocation Assistance Available: No 

Position Contingent Upon Award of Contract: No

 

Benefits:

Torch Technologies is proud to offer a stable and professional work environment, a competitive salary, and an excellent, comprehensive benefit package including: ESOP participation, 401(k) match and safe-harbor contribution, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, Health Saving Accounts and Health Reimbursement Accounts, EAP, education assistance, paid time off, and holidays. 

 

Applying to Torch Technologies:

Only those candidates invited for an interview will be contacted. Employment at Torch Technologies is contingent upon the successful completion of a comprehensive background check.

Torch Technologies is committed to hiring and retaining a diverse workforce.  We are proud to be an Equal Employment Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability or any other protected class.

#LI-EW1

 

 

If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access https://torchtechnologies.hua.hrsmart.com/ats as a result of your disability. You can request reasonable accommodations by sending an email to HR@torchtechnologies.com. Thank you for your interest in Torch Technologies.