• Develop and maintain an IS security program for both classified and unclassified IS’s in compliance with the NISPOM, FAR/DFARS, DAAPM, and other U.S. regulations
• Monitor compliance by performing periodic self-inspections, tests and reviews of IS’s to ensure that IS’s are operating as authorized or accredited, that conditions have not changed, and drive corrective solutions if necessary.
• Prepare and maintain security assessment and authorization documentation (i.e. SSP, RAR, CUI Policies and CMMC)
• Oversee the ISSO and System Administrators to ensure they follow established IS security policies and procedures
• Assume ISSO and System Administrator responsibilities in their absence
• Ensure all ISSO’s and System Administrators receive the necessary technical and security training to carry out their duties
• Ensure development and implementation of an effective information system security education, training, and awareness program
• Ensure IS security measures comply with applicable government regulations, provide configuration management, and accurately assess the impact of modifications and vulnerabilities for each system
• Maintain a thorough understanding of new industrial security standards and drive their implementation
• Maintain a working knowledge of NIST 800-53 / NIST SP 800-171 security controls, system functions, technical security safeguard, and operational security measures
• Bachelor’s degree in Information Technology, Computer Science, Information Systems, or a related field
• Experience with configuration/certification and auditing/analysis of: (1) Windows operating systems and system virtualization in peer-to-peer, LAN & WAN networks; and (2) Microsoft Active Directory.
• Experience as an ISSM implementing NISPOM Chapter 8, DAAPM, and DFARS 252.204-7012.
• DoD 8570 IAM/IAT Certifications preferred
• Active DoD Secret clearance
• Self-motivated, detail-oriented, and able to multi-task in accordance with changing priorities
• Strong written and verbal communication skills