Overview
The Squires Group is staffing for an upcoming initiative and is looking for an experienced Information Systems Security Manager. The ISSM will lead the development and implementation of the System Security Plan (SSP) and all associated documentation required for the Risk Management Framework (RMF) Assessment and Authorization process.
If you are passionate about leveraging technology to make a positive impact, we encourage you to apply. Work is expected to begin in late 2024. Candidates must be located in the Washington, DC Metro Area.
Per our Federal Government Contract, candidates must be US Citizens with an Active Top-Secret Clearance.
Responsibilities
- Ensure that all IT systems are compliant with NIST, FISMA, and other governmental security requirements
- Play a crucial role in managing, developing, and executing the continuous monitoring plan to ensure all FISMA systems remain compliant by actively participating in the IT change management process.
- Coordinate and collaborate with system owners and information owners to ensure seamless and secure implementation of changes to the system.
- Conduct thorough assessments of the security or privacy impact resulting from system changes, considering factors such as data sensitivity, access controls, confidentiality, integrity, and availability.
- Collaborate with cross-functional teams and subject matter experts to identify, evaluate, and implement security controls and measures necessary to maintain the security posture of the system(s).
- Manage the Plan of Actions and Milestones (POA&M) process, ensuring that identified security weaknesses and vulnerabilities are promptly documented, tracked, and remediated.
- Provide timely and accurate information in response to data calls and queries from internal and external partners, such as IRM/A&A, GITR, and other government agencies.
- Interpret interdepartmental and government directives related to security requirements, policies, and guidelines, and effectively communicate these directives to cross-functional teams
- Guide and manage the ISSO team to ensure optimal Provide mentorship, training, and manage resources and workloads effectively.
- Prepare and present regular reports detailing the status of the IT security landscape, including project status, active tasks, team updates, and compliance status.
- Perform complex product evaluations, and recommend and implement products/services for network security.
- Research, evaluate and recommend new security tools, techniques, and technologies and introduce them to the enterprise in alignment with IT security strategy.
- Collaborate with Change, Problem, and Release Management for security impacts to the environment
- Review new security solution designs and specifications to validate that they are ready for the existing security operations environment.
Qualifications
- Bachelor’s Degree in a related technical or business discipline, or equivalent practical experience.
- CISSP certification is REQUIRED
- PMP certification is preferred
- 5+ years of progressive management experience
- 10+ years of hands-on experience in developing and implementing the RMF framework and A&A processes, specifically focused on developing SSP packages for achieving ATO for FISMA systems.
- Understanding of, and experience applying, industry security policies, regulations, and guidelines such as NIST, FISMA, and SANS Top 20 controls, etc.
- Knowledge of change control and change management process, project management, Enterprise Architecture frameworks, SDLC, Security Policy.
- Knowledge of ports, protocols, and the OSI Model.
- Knowledge of key security capabilities such as e-forensics, logging/SIEM, risk management, PKI, IPsec, vulnerability management, A&A, continuous monitoring, disaster recovery, network, and endpoint security.
- Experience working with IP networking, networking protocols, and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail, and access-lists.
- Experience working with internet, web, application, and network security techniques.
- Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
- Experience with the Federal government, preferably with the Department of State or DHS.
- Per our Federal Government Contract, candidates must be US Citizens with an Active Top-Secret Clearance.
Check out our Referral Program!
The Squires Group will pay you for every qualified professional that you refer and we place. If you see a position posted by The Squires Group and know the perfect person for the job, please send us your referral. For more information, go to https://bit.ly/squiresreferral .