Torch Technologies is seeking a
Cybersecurity Information System Security Manager (ISSM) (Senior) to join a team that conducts advanced planning to achieve/maintain Authority to Operate (ATO) for systems assigned to the Air Force Human Resources Systems Division . This includes performing reviews and monitoring of Risk Management Framework (RMF) packages and oversight of 30K+ Common Control Indictors from the assessment of 4.8K Security Technical Implementation Guide checklist items, as outlined in the National Institute of Standards and Technology special publications, to ensure confidentiality, integrity, and availability of IT systems. This person will be responsible for accomplishing the 6-Step RMF process, developing test scripts, answering RMF controls in the Enterprise Mission Assurance Support Service (eMASS), developing security documentation, and other activities required to obtain an ATO for assigned systems. This position supports the AFLCMC/GB Business and Enterprise Systems Directorate (BES)/GBH Human Resources Systems Division at Randolph AFB, TX.
Responsibilities:
This position requires a highly motivated individual with experience in ensuring the appropriate operational security posture is maintained for the assigned IT. This includes the following related to maintaining situational awareness and initiating actions to improve or restore cybersecurity posture:
- Reviews and monitors security controls required to obtain an Authority to Operate (ATO) for assigned systems.
- Completes and maintains required cybersecurity certification IAW AFMAN 17-1303.
- Implements and enforces all AF cybersecurity policies, procedures, and countermeasures.
- Ensures all users have the requisite security clearances and need-to-know, complete annual cybersecurity training, and are aware of their responsibilities before being granted access to the IT according to AFMAN 17-1301;
- Maintains all authorized user access control documentation IAW the applicable AF Records Information Management System.
- Ensures software, hardware, and firmware complies with appropriate security configuration guidelines, e.g., security technical implementation guides/security requirement guides.
- Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.
- Coordinates changes or modifications with the system-level ISSM, SCA, and/or the Wing Cybersecurity office; and,
- Reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203, Cyber Incident Handling.
Required Qualifications: - Education
- Master’s or Doctorate Degree in a related field and 10 years of experience in the respective technical/professional discipline being performed, 5 years of which must be in the DoD.
- OR Bachelor’s Degree in a related field and 12 years of experience in the respective technical/professional discipline being performed, 5 of which must be in the DoD.
- OR 15 years of directly related experience with proper certifications as described in the PWS labor category performance requirements, 8 of which must be in the DoD.
- Specific Work Experience
- Extensive knowledge and proficiency with the Risk Management Framework (RMF) and in accomplishing the 6-steps of the RMF process
- Experience with developing test scripts and answering security controls in eMASS
- Expert knowledge and proficiency with Cybersecurity best practices
- Expert knowledge and understanding of Federal and DoD Cybersecurity regulations and policies
- Experience with the implementation of new IT/Business System technologies to include but not limited to Cloud Infrastructure and Enterprise Resource and Planning (ERP) systems.
- Must have experience with NIST SP 800-53 Security controls and the understanding of control implementations.
- Must be willing to learn and use cybersecurity testing tools.
- Certifications
- At a minimum, the successful candidate will meet the requirements for and maintain an IAM Level III Cybersecurity certification by possessing at least one of the following certifications as directed by DoD 8140 and outlined in DoD 8570.01 -M, Appendix3, Table 2,2 AFMAN 17-1303:
- ISACA CISM
- (ISC)2 CISSP
- GIAC GSLC
- EC Council CCISO
- Security Clearance
- Ability to obtain and maintain a DoD Secret Security Clearance.
- U.S. Citizenship required.
Preferred Qualifications: - The following skills are highly desirable but not required for this position:
- Agile principles, methodologies, and enabling technologies, e.g., CheckMarx, SonarQube, Fortify, Jira, Confluence, Kanban, Scrum, Jira, Jenkins, and Bitbucket.
U.S. Citizenship Required for this Position: Yes
Job Type: Regular
Security Clearance : Secret
Schedule: M-F; 8-5
Work Location: Randolph AFB, Texas
Travel: Yes, 0-10%
Relocation Assistance Available: No
Position Contingent Upon Award of Contract: No
Benefits:
Torch Technologies is proud to offer a stable and professional work environment, a competitive salary, and an excellent, comprehensive benefit package including: ESOP participation, 401(k) match and safe-harbor contribution, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, Health Saving Accounts and Health Reimbursement Accounts, EAP, education assistance, paid time off, and holidays.
Applying to Torch Technologies:
Only those candidates invited for an interview will be contacted. Employment at Torch Technologies is contingent upon the successful completion of a comprehensive background check.
Torch Technologies is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Employment Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability or any other protected class .