Our client is in immediate need of an ISSM who will be responsible for: (a) managing the Risk Management Framework (RMF) posture of classified systems; (b) maintaining Controlled Unclassified Information (CUI) compliance under DFARS 252.204-7012 for unclassified networks; and (c) continuously improving information system (IS) security practices to meet new industrial security standards as they develop. In this dynamic position, you will interface with government oversight officials, government contractors, and various stakeholders (i.e. System Administrators, Information System Security Officer (ISSO), Facility Security Officer (FSO) and Senior Management).
• Develop and maintain an IS security program for both classified and unclassified IS’s in compliance with the NISPOM, FAR/DFARS, DAAPM, and other U.S. regulations
• Monitor compliance by performing periodic self-inspections, tests and reviews of IS’s to ensure that IS’s are operating as authorized or accredited, that conditions have not changed, and drive corrective solutions if necessary.
• Prepare and maintain security assessment and authorization documentation (i.e. SSP, RAR, CUI Policies and CMMC)
• Oversee the ISSO and System Administrators to ensure they follow established IS security policies and procedures
• Assume ISSO and System Administrator responsibilities in their absence
• Ensure all ISSO’s and System Administrators receive the necessary technical and security training to carry out their duties
• Ensure development and implementation of an effective information system security education, training, and awareness program
• Ensure IS security measures comply with applicable government regulations, provide configuration management, and accurately assess the impact of modifications and vulnerabilities for each system
• Maintain a thorough understanding of new industrial security standards and drive their implementation
• Maintain a working knowledge of NIST 800-53 / NIST SP 800-171 security controls, system functions, technical security safeguards, and operational security measures
• Bachelor’s degree in Information Technology, Computer Science, Information Systems, or a related field
• Experience with configuration/certification and auditing/analysis of: (1) Windows operating systems and system virtualization in peer-to-peer, LAN & WAN networks; and (2) Microsoft Active Directory.
• Experience as an ISSM implementing NISPOM Chapter 8, DAAPM, and DFARS 252.204-7012.
• DoD 8570 IAM/IAT Certifications preferred
• Active DoD Secret clearance
• Self-motivated, detail-oriented, and able to multi-task in accordance with changing priorities
• Strong written and verbal communication skills