Information System Security Manager

  • AeroVironment
  • Petaluma, CA

Depends on Experience

Full Time

  • Work from home
  • No Travel Required

Skills

eMASS, RMF, ISSM, Top Secret, CISSP, CISM, NISPOM, Risk Management Framework, System Security Plans, firmware

Job Description

AeroVironment has partnered with ClearanceJobs to assist in their search for an experienced Information System Security Manager (ISSM), to provide information systems security support for DoD and Non-DoD classified systems and networks.  This is a full-time opportunity with excellent benefits, pay, and BONUS!

 
Title: Information System Security Manager (ISSM)
Location: Petaluma, CA
Clearance: Active TS is a MUST! 
Terms: Full-time
Schedule: On-site (9/80) w/potential for hybrid after established timeline

Overview:  The Information Systems Security Manager (ISSM) will stand up and maintain accreditations for classified systems and networks. Classified Systems & Networks range in complexity and size to include multi-platform computing (Linux, Windows, VMWare), virtual environments, and mobile systems. Extensive experience with eMASS, NISPOM Chapter 8, DCSA DAAPM, SCAP, and DISA STIGs. Assemble and maintain Risk Management Framework (RMF) security plan accreditation packages for various government agencies.  May be required to manage work distribution to Information Systems Security Officers (ISSO).

Basic Qualifications (Required Skills & Experience):

    • Bachelor’s degree in an IT-related or similar relevant field is required, or an equivalent combination of education, training, and experience
    • 5 to 8 years of experience in a similar systems security role or experience in related IT or systems security disciplines is highly preferred.
    • Demonstrated experience with Risk Management Framework
    • DoD 8570 IAM Level III Certification (CISM / CISSP Preferred)
    • Experience with eMASS.
    • Experience with DD254’s (Department of Defense Contract Security Classification Specification)
    • Understanding the technical configurations of Windows and other operating systems is desirable.
    • Understanding of Windows and Linux event logs is desirable.
    • Knowledge of compliance checking tools preferred.
    • Excellent customer service and organization skills, including good interpersonal skills and the ability to communicate effectively with all levels of employees.
    • Successful completion of a criminal background check is required.

Other Qualifications, Desired Competencies & Physical Demands:

    • Able to excel in a fast-paced, deadline-driven environment, where small teams share a broad variety of duties
    • Displays strong initiative and drive to accomplish goals and meet company objectives
    • Takes ownership and responsibility for current and past work products
    • Is committed to learning from mistakes and driven to improve and enhance performance of oneself, others, and the company
    • Focuses on teamwork and puts the success of the team above one's own interests
    • Ability to work in an office classified environment (Constant)
    • Required to sit and stand for long periods; talk, hear, and use hands and fingers to operate a computer and telephone keyboard (Frequent)

Position Responsibilities:

    • Provide technical and procedural IS Security advice to government and Internal teams
    • Develop and maintain a formal Information Systems (IS) security program and policies for their assigned area of responsibility
    • Understand, implement, and enforce the security policies and processes that are required by: the NISPOM, DCSA DAAPM, System Security Plans (SSPs), and NIST Security Controls.
    • Coordinate with Facility Security Officer (FSO) on approval of External Information Systems (e.g., guest systems, interconnected system with another organization)
    • Oversee ISSO under their purview to ensure they follow established IS policies and procedures
    • Assume ISSO responsibilities in the absence of the ISSO; maintain required IA certifications
    • Understand, implement, and enforce security policies and processes to maintain the with respect to: Removable Media Creation, Trusted Download, Safeguarding Classified Information, Classified Markings, Wireless Devices, and relevant System Security Plans (SSPs)
    • Perform Systems Administration for Linux/Windows operating systems
    • Serve as the lead for security configurations and interact with Government Approving Authorities for all inspections of these systems
    • Utilize a variety of accredited security software tools to conduct vulnerability assessments, continuous monitoring scans, and those employed to maintain OS configurations
    • Ensure all ISSO & Users of classified systems receive the necessary technical and security training (e.g., operating system, networking, security management) to carry out their duties
    • Coordinate IS security inspections, tests, and reviews
    • Ensure development and implementation of an effective IS security education, training, and awareness program
    • Ensure policies and procedures for authorizing the use of hardware/software on an IS are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the appropriate authorization prior to the addition, change or modification
    • Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
    • Working experience with High Assurance Internet Protocol Encryptors/TACLANE
    • Analyze security audits for non-standard events and media write control logs
    • Assist in investigations involving anomalies to include support to Insider Threat Working Group
    • Validate systems & networks are patched in accordance with SSP and Continuous Monitoring activities
    • Maintain and modify accreditation packages
    • Assist with administrative processes related to User Accounts, Data Transfer Agents (DTA) and Trusted Downloads (TD)
    • Alarm testing, maintaining door and safe combinations, facility keys, document control, processing visit requests, coordinating logistics for classified meetings and conferences
    • Available to respond to alarms and emergencies after hours
    • Provide initial security briefings, debriefings, foreign travel, and related security training
    • Assist with COMSEC inventory and documentation updates to ensure 100% accountability with NSA
    • Assist with self-inspections, random searches, and security violation reports
    • Submit visit requests for all outbound visits for employees and subcontractors
    • Knowledge of Networking protocols as well as Cybersecurity best practices.

ABOUT US
At AeroVironment, our purpose is to secure lives and advance sustainability through transformative innovation. Our solutions give our customers a fresh vantage point, positioning them to see the world with new eyes and extending their reach beyond the line of sight. That is the power of our breakthrough unmanned aircraft systems, perfected and refined over a half century. Whether they are warfighters searching for an enemy, border patrol agents searching for people in need of assistance, or telecom providers linking millions to the digital economy, our customers choose AeroVironment because our systems generate actionable intelligence reliably, creating a path to goals that would otherwise be unattainable.