Information Systems Security Manager

  • SAIC,
  • Hampton, VA
Analysis, ANSI, CISSP, Development, HTTP, Manager, Management, Metrics, Modeling, Networks, Programming, SAP, Security, Simulation, Testing
C2H Independent, Contract Independent, Contract W2, Contract Corp-To-Corp, C2H W2, C2H Corp-To-Corp
Work from home not available Travel not required

Job Description



Description

SAIC has an opportunity for an Information Systems Security Manager (ISSM) supporting Headquarters Air Combat Command's (HQ ACC) A5/8Z Advanced Programs Division. The successful applicant will support the integration of advanced program concepts and technology, as well as coordinate and integrate resource priorities across the Special Access Program (SAP) portfolio, to shape Combat Air Forces (CAF) programming strategy and ensure future warfighter requirements are met.


Key duties/responsibilities include, but are not limited to:


  • Maintain a formal Information Systems (IS) security program and policies applicable to all Air Combat Command units under A5/8Z administration
  • Develop and oversee operational information systems security implementation policy and guidelines
  • Coordinate with Program Security Officer (PSO) or cognizant security official on approval of External Information Systems (e.g. guest systems, interconnected system with another organization)
  • Oversee ISSOs under ACC purview to ensure they follow established IS policies and procedures
  • The ISSM shall assume ISSO responsibilities in the absence of the ISSO
  • Maintain required Information Assurance (IA) certifications
  • Monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks
  • Maintain a repository of all security authorizations for IS under their purview
  • Conduct periodic testing to evaluate the security posture of IS by employing various intrusion/attack detections and monitoring tools (shared responsibility with ISSOs)
  • Coordinate IS security inspections, tests, and reviews
  • Position requires up to 15% travel to CONUS areas
  • Guide implementation of an effective IS security education, training, and awareness program
  • Participate in self-inspections; identify security discrepancies and report security incidents
  • Confirm proper measures are taken when an IS incident or vulnerability is discovered
  • Manage, maintain, and execute the information security continuous monitoring plan

Must maintain certification requirements mandated by DOD Directive 8570, CISSP or CISM


JOB DESCRIPTION: Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions. Conducts risk and vulnerability assessment at the network, system and application level. Conducts threat modeling exercises. Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy. Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions. Assists in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and makes recommendations on process tailoring. Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. May support cyber metrics development, maintenance and reporting. May provide briefings to senior staff.
Applies extensive technical expertise and has full knowledge of other related disciplines. Receives assignments in the form of objectives and establishes goals to meet objectives. Provides guidance to subordinates to achieve goals in accordance with established policies. Work is reviewed and measured based on meeting objectives and schedules. Establishes and recommends changes to policies which affect subordinate organization(s).


PROBLEM COMPLEXITY: Develops technical solutions to complex problems which require the regular use of ingenuity and creativity.


FREEDOM TO ACT: Work is performed without appreciable direction. Exercises considerable latitude in determining technical objectives of assignment. Completed work is reviewed from a relatively long-term perspective for desired results. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results.


IMPACT: Guides the successful completion of major programs.


LIAISON: Represents organization as prime technical contact on contracts and projects. Interacts with senior external personnel on significant technical matters often requiring coordination between organizations.



Qualifications

Clearance required to start: Top Secret (SCI eligibility preferred)

Clearance able to obtain/maintain: TS/SCI with Polygraph



TYPICAL EDUCATION AND EXPERIENCE: Bachelor's and nine (9) years or more experience; Master's and seven (7) years or more experience



Job Posting Date: 2019-05-09 08:18:59 UTC

Primary Location: HAMPTON, VA 23665 US

Clearance Level Must Currently Possess: Top Secret

Clearance Level Must Be Able to Obtain: Top Secret/SCI with Polygraph

Potential for Teleworking: No

Travel: Yes, 10% of the time

Shift: Day Job

Schedule:
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united by purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability

