Information System Security Manager (ISSM)
Dynetics, an employee-owned company, is seeking a talented Information System Security Manager to join a diverse team to create unique solutions for complex problems. With offices across the United States engaging in the defense, space, cyber and commercial fields, Dynetics provides responsive, cost-effective engineering, scientific and IT solutions.
The selected candidate will oversee and manage all aspects related to classified information systems in the Dayton office. The ISSM will develop, implement, and evaluate Information Systems (IS) security programs in accordance with the National Industrial Security Program Operating Manual (NISPOM) Chapter 8, Industrial Security Field Operations (ISFO) Process Manual for the Certification and Accreditation of Classified Information Systems under the NISPOM, and the Risk Management Framework (RMF) requirements. The ISSM will be responsible for system compliance, auditing, security plan development, performing self-inspections, and developing and implementing information systems security education and awareness programs. The ISSM will coordinate with the Corporate Information System Security Manager (CISSM) and the Facility Security Officer (FSO) on system security compliance.
The ISSM will ensure the information system program meets DSS ODAA/RMF regulations including:
- Prepare, develop, and maintain Information Systems (IS) security plans and procedures used to obtain/retain DSS NISPOM/RMF accreditation
- Review and revise IS security plans based on analysis of the existing equipment configuration
- Document any changes or special security requirements
- Provide day-to-day technical support to classified IS including adherence to policies, procedures, and best practices
- Configurations for certification and/or DSS accreditation/assessment
- Implementation and validation of security relevant controls on computing systems; network devices such as switches, routers and firewalls; SAN storage; and virtualization hosts and any virtualized systems and appliances
- Ensure implementation of security features for the detection of malicious code, viruses, and intruders, as appropriate
- Design, develop, and implement annual IS security training for the IS users
- Report all security incidents to the CISSM, FSO, and Director of Security, and investigate, document, report, and provide protective and corrective measures in response to such incidents
- Interact with government agencies to obtain rulings, interpretations, and acceptable deviations for compliance with regulations
- Interpret and implement NISPOM and RMF information security policy and guidance, and provide oversight and assistance to Information Assurance (IA) staff
- Act as a security liaison between Dynetics employees, Director of Security, CISSM, FSO, and external customers and/or government officials
Candidate must be eligible to obtain a Top Secret clearance.
- Bachelor's degree in Computer Science, Information Systems or similar degree preferred plus 2 or more years of related experience required.
- Experience as an ISSM, Assistant ISSM, or ISSO in a classified setting
- Experience in a DoD security environment with demonstrated knowledge of classified IS operation
- Experience setting up security configurations and auditing on Windows operating systems
- Proficiency and experience in the following security disciplines:
- IS security training (i.e., NISPOM Chapter 8 courses and RMF training through CDSE)
- Understanding of DD254s and how to reference them when preparing system plans
- Marking classified material generated by the IS according to the class guides
- Ability to multi-task and excel in a multi-customer environment.
- Good people skills and the desire to work with a highly technical team of engineers and scientists.
- Candidate must be a U.S. citizen
- Active Secret clearance is required.
- Active Top Secret-level clearance is preferred
- Current CISSP or other DoD 8570 IAM III-compliant approved baseline certification is preferred
- Experience and/or training with the Risk Management Framework (RMF) and developing RMF transition plans is a plus
- Experience with Defense Security Service (DSS) policies and procedures is preferred
- Background in IT support is preferred
- Experience setting up security configurations and auditing on Linux operating systems is a plus
- Linux+, Network+, COMSEC Custodian or similar certifications are a plus
- Knowledge of network and communication equipment and protocols is a plus
- Ability to lift and move computer equipment including printers, scanners, monitors, etc. up to 50 lbs is a plus