Sr. Info Systems Manager

7 days left

Location
Washington, DC
Posted
Jan 12, 2017
Closes
Mar 30, 2017
Hours
Full Time
GDIT is seeking a Sr. Information Assurance Subject Matter Expert to join its dynamic St. Elizabeths Technology Insertion Program (TIP) at the new consolidated DHS HQ. The successful candidate will have the ability to adapt with the ever changing threat landscape to continually assess and test security posture of DHS information systems. This role will work in both individual and group environments at a fast-paced operational temp and will need to be a highly motivated individual who is serious about working to strengthen national security against evolving threats. The desired candidate will have working knowledge of security engineering practices within DHS/DoD and use project management methodologies to successfully direct tasking; scheduling; and delivery activities.

 

Responsibilities:

 

Work with other information and physical security system security personnel; IT Operations and Enterprise Management System engineering teams and others to implement; refine and maintain an appropriate vulnerability and patch management security program 

Manage the St. Elizabeths Vulnerability Management Team tasked with: 

Defining/supporting DHS vulnerability management and security assessment standards and metrics 

Conducting and maintaining vulnerability scanning on networks; systems and applications 

Producing actionable; risk-based reports on security assessment results 

Managing; training and mentoring more junior team members 

Assisting with vulnerability remediation when necessary 

Developing and maintaining security plans and security testing plans 

Deliver expected results based on appropriate FISMA score category targets across 7 of 11 security automation domains for Continuous Monitoring of system risk 

Report directly to IA SME Lead and assist other security life cycle activities as necessary 

Direct Recertification & Accreditation activities for 8 (eight) discrete IP-based networks and assist IA SME Lead with managing schedule to completion (ATO)

Be responsible and accountable for all task and reporting deadlines

Continuously improve risk models; metrics; reports; processes; and activities 

 

Manages the security of information systems assets and the protection of systems from intentional or inadvertent access or destruction.

  

Manages the security of information systems assets and the protection of systems from intentional or inadvertent access or destruction.

Supervises assigned staff.

Recognizes potential; successful; and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.

Perform preliminary forensic evaluations of internal systems.

Interfaces with client to understand their security needs and oversees the development and implementation of procedures to accommodate them.

Ensures that the user community understands and adheres to necessary procedures to maintain security.

Weighs business needs against security concerns and articulates issues to management and/or customers.

Maintains current knowledge of relevant technology as assigned.

Provides guidance in the creation and maintenance of Standard Operating Procedures and other similar documentation

Maintains current knowledge of relevant technology as assigned.

Participates in special projects as required.

Education Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical training, or work experience.

Qualifications 10-12 years of information security management experience; preferably in the DoD/DHS/DOE context

 

Advanced knowledge of network security concepts; best practices and procedures including FISMA/NIST RMF and DITSCAP/DIACAP 

Experience managing vulnerability mitigation and information security process in an enterprise environment 

Experience managing vulnerability assessment teams

Proven ability to Lead customer-facing reporting and negotiation activities 

Ability to produce and disseminate reports for vulnerability assessments and compliance reporting 

Strong knowledge of Windows client/server; *NIX systems; VMWare; networking; VTC/ VoIP; device firmware; web/application servers; databases; and network architectures (hands on preferred; manages highly technical team) 

Ability to manage vendor relationships and track externally dependent patching activities; driving the threat research life cycle 

Ability to learn complex computing environments quickly; memorization skills desired 

Broad understanding of all aspects of IT and enterprise systems interoperability (OSI Model; SDLC; ITIL; etc.) 

Coordinate with other team (SOC; IR; RMD; Ops; Management; etc.) activities as necessary 

Support threat intelligence activities when required

 

 

Required skills/experience: 

ISSO experience a must 

Current DHS HQ Entry on Duty (EOD) holders given preference

DoD Top SECRET required

Strong communication skills and the ability to work with diverse teams

CISSP certification or other DoDI 8570 IAM II required (will consider other management certs e.g.; PMP)

 

  As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.