Information System Security Management Specialist
Responsibilities:A dynamic, well organized, and highly motivated individual with prior relevant experience to serve as the Information System Security Manager (ISSM) to ensure full-scope program support and compliance in the Silver Spring, Maryland area. This role establishes, documents, and monitors the Peraton Labs classified information system security program implementation plan, and ensures compliance with DoD policies. This is a full-time on-site position.The candidate acts as a technical management resource for information system security matters. Provides technical and programmatic Information System Security Management Services to internal and external customers in support of network and information security systems. Ensures the development and implementation of information security policy, requirements, and procedures within the organization's business processes. Reviews documentation from information obtained from customer using accepted guidelines such as RMF (Risk Management Framework).Provides assessment and authorization (A) management support by guiding the development of all documentation necessary to complete the A process to include system security plans, contingency plans, and other associated documentation. Conducts complex vulnerability assessments to include development of risk mitigation strategies; adjudicating based on assessing the vulnerabilities, threats, and risk associated with assessment. Reviews system configurations and scan tool results to determine system compliance and report results.Analyzes policies and procedures against Federal laws and customer regulations and provides recommendations for closing gaps. Develops strategies to comply with privacy, risk management, and e-authentication requirements. Provides information system security support for the development and implementation of security architectures to meet new and evolving security requirements. Evaluates, develops, and enhances security requirements, policy, and tools. Provides assistance in computer incident investigations. Performs vulnerability assessments including development of risk mitigation strategies. Specific responsibilities include, but are not limited to:Develop and maintain a formal information system (IS) security program and policies for their assigned area of responsibility;Provide technical and procedural IS Security advice to engineering team and senior management regarding the RMF process.Establish and maintain computer systems and networks for classified processing; responsible for administration, maintenance, and security auditing.Develop and oversee operational information systems security implementation policy and guidelines;Assume ISSO responsibilities in the absence of the ISSO; maintain required IA certifications;Maintain a repository using eMASS with all security authorizations for IS under their purview;Coordinate IS security inspections, tests, and reviews;Ensure proper measures are taken when an IS incident or vulnerability is discovered;Ensure development and implementation of an effective IS security education, training, and awareness program;Ensure Configuration Management policies and procedures for authorizing the use of hardware/software on an IS are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the appropriate AO prior to the addition, change or modification;Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures;Manage, maintain, and execute the information security continuous monitoring plan;Ensure a record is maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AO/DAO; and Assess changes to the system, its environment, and operational needs that could affect the security authorizationQualifications:Minimum 5 years of working experience in information system securityProven ISSM working experience including DoD security policies and technical security protection measures, processes, and procedures.Must have a complete understanding of RMF, NISPOM, DAAPM, JSIG, and COMSECStrong working knowledge of eMASSSolid understanding of networks and information technologyStrong verbal communication, computer, analytical, and interpersonal skills.Have ability to produce appropriate clear, concise, and detailed documentation.Be able to work independently and in a team.Have current CISSP certificateMust possess an active TS clearance with SCI eligibilityPeraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can't be done, solving the most daunting challenges facing our customers.Colorado Salary Minimum: $87,400 Colorado Salary Maximum: $212,100 The estimate displayed represents the typical salary range for this position, and is just one component of Peraton's total compensation package for employees. Other rewards may include annual bonuses, short- and long-term incentives, and program-specific awards. In addition, Peraton provides a variety of benefits to employees.