Information Systems Security Manager

  • SAIC, Inc
  • San Diego, CA, USA
  • Jun 24, 2021

Job Description

Description

SAIC currently has a career opportunity for an Information System Security Manager (ISSM) in San Diego, California.  The Information Systems Security Manager (ISSM) will support information system life cycle activities from scoping systems for new programs and preparing Risk Management Framework packages, to reviewing regular maintenance, support and upgrades of systems during program execution, to program close-out and de-certification activities. Maintain day-to-day security posture and continuous monitoring of Information Systems (IS) including security event log review and analysis, end user account audits, etc.
 
·    Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
·    Conduct internal vulnerability assessments of the IS to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
·    Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, SCTM).
·    Maintain thorough understanding of NIST 800-53 controls and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM). 
·    Maintains awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges.
·    Responsibilities also include those listed in DCSA Authorization and Accreditation Process Manual 2.2 Section 3.6 Information System Security Manager (ISSM)
·    Monitor system administration activities
·    Duties will include but are not limited to technical engineering, administrative processing, compliance reporting, training, and document creation.

Qualifications

  • Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience; PhD or JD and four (4) years or more experience; experience in lieu of degree is acceptable
  • Active Top Secret clearance eligibility (SCI eligibility preferred)
  • DoD 8570 IAM Level II or III certifications (CISSP, CISM, CAP, CASP+, etc.)
  • Extensive DCSA and DAAPM experience and knowledge is desired
  • Experience in Windows 10 and Windows Server operating systems
  • Experience working on classified processing systems and handling classified material.
  • Experience reviewing NESSUS vulnerability scans and reviewing audit logs
  • Candidate should have experience with Defense Information Systems Agency (DISA) security policies to include Security Technical Implementation Guides (STIGs) and Information Assurance Vulnerability Alerts (IAVA)
  • Support to TS/SCI level programs in DoD community
  • Experience creating and submitting security documentation in eMASS