Information System Security Manager
This position is located in Arlington, VA. Position Summary: The Information System Security Manager is a hands-on information system administration and security role within the Office of the CIO Information Assurance team (OCIO IA) at the Software Engineering Institute (SEI). This is an opportunity for a cleared IT professional in the Arlington VA area with strong organization and communication skills and experience with modern Windows system administration tools and operating techniques in an accredited network. You will be responsible for assuring that information systems in the Arlington VA office remain compliant with DoD and other USG regulations. You will accomplish this work in collaboration with OCIO IA teammates in Pittsburgh PA as well as Security and IT staff working in Arlington and Pittsburgh. Minimum Qualifications and Requirements : Education/Training: Bachelor's degree in Computer Science, Information Technology, or related field, or equivalent combination of training and experience. Current Microsoft server certifications; one or more of MCITP (Server & Client), MCSA, MCSE, etc. Licenses: One or more of: CAP, CASP CE, Security+CE, SSCP, GSEC, CISM Experience: Five or more (5+) years of system and network administration experience using modern system administration tools and operating techniques in an accredited Microsoft Windows infrastructure. Experience as a system / network administrator for services under government cognizance (eg, DISA, DSS); knowledge of the DOD STIGs and their application in establishing and operating information systems. Experience confirming audit records and STIG compliance for systems in an accredited Microsoft Windows infrastructure. Skills/Abilities : Problem solving skills. Demonstrated knowledge of Windows operating system commands/utilities; demonstrated knowledge of system administration tools and processes such as those used to manage software, Group Policy Objects, and other aspects of Active Directory; demonstrated knowledge of server and network problem resolution based on examination of events/alerts and system monitors/logs. Mobility: Normally sedentary but some business travel required (eg, training, other SEI locations, etc.) Computer hardware installation and configuration required on an infrequent basis involving objects typically Environmental Conditions: Normal office conditions, close contact with computer displays for prolonged periods of time. Mental: Ability to identify, isolate and resolve systems problems. Communicate the nature of problems to different parties (eg, system / network administrators, IA professionals, IT user support, etc.) to resolve technical issues, sometimes under pressure. Temperament and maturity to self-motivate and prioritize tasks with input from a remotely located manager. Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance. Must meet and maintain DoD 8570-M readiness requirements within six (6) months of employment at SEI's expense. Additional work hours (weekend and evening hours) may be required on an infrequent basis. May be required to stay at or return to work during incidents and/or emergencies to perform duties as requested. Preferred Qualifications and Requirements : Licenses: One or more of the following: Active CISSP (or Associate), GSLC, CISM. Experience: Prior experience as an associate ISSO / ISSM (IAO/IAM) in a small to medium-scale classified enclave. ICD-501/503 experience; prior use of the HBSS and ACAS tool chains, Security Content Automation Protocol (SCAP) validation tools, awareness of NISPOM IS-relevant rules, etc. Other: Active Department of Defense security clearance. Accountability : Ensures server(s) and client stations are operating efficiently and resolves issues. Verifies that accredited systems maintain their prescribed configuration and addresses/reports deviations from same immediately. Recommends and performs modifications to enhance server/service performance and reliability. Regularly communicates with the IA team members in Pittsburgh to raise situational awareness of operational status information relevant to the services in scope. Responsible for proper handling (eg, safe storage, proper marking, approved destruction) of documents and media used in the operation and maintenance of accredited systems. Responsible for providing information relating to equipment and facility needs each fiscal planning session to aid in budgeting expenses related to the systems / services in scope. Participates in the development or adaptation of IS-specific security safeguards and local operating procedures to satisfy certification requirements. Works with the ISSM and ISSO in Pittsburgh to align policies and procedures to DC operations. Direction: Works under limited supervision from a remote manager as part of the OCIO IA team. Expected to act independently to maintain and securely operate accredited systems with guidance from the lead ISSM, FSO, and OCIO senior management. Draws guidance from relevant operational security guidelines / manuals, turning to the lead ISSM for clarification when needed. Most work is performed independently, or in concert with the lead ISSM and appropriate IT staff. Decisions : Must be able to identify user and systems issues and resolve trivial issues independently. Information Security issues and complex operational problems are handled in concert with OCIO IA teammates and appropriate IT or Security staff. Supervisory Responsibilities : No regular staff supervisory responsibilities. Regularly inspects accredited systems and may task other IT personnel in order to address infractions or post-audit POA&M issues. Will assist in the training of new users of the accredited systems. Job Functions or Responsibilities : 25% Installs, configures, and maintains accredited servers, workstations and network devices in accordance with most current STIG or other relevant documents. Assists users to resolve problems related to use of accredited systems and services. 15% Reviews server logs directly or with analysis tools to discern operational anomalies, including operational threats (eg, resource contention/exhaustion) and security concerns; addresses and/or reports these to IA colleagues or IT as appropriate. 10% Reports on the operational status of accredited information systems based on reviews and scans to accrediting agencies, possibly through established channels such as ACAS, HBSS, etc. Reporting is coordinated with the IA team members in the Pittsburgh office. 10% Performs C&A duties including submission of accreditation documents. Drives IS related self-inspection activities and C&A / CCRI preparations in Arlington. Primary interface to the local DSS IS representative. 10% Performs classified IS user indoctrination briefings and manages IT accounts / credentials of classified systems, including required recordkeeping (account lifecycle, DoD IAA training status, policy acknowledgements, etc.). 10% Supports the FSO to prepare for traditional security inspection activities, complete self-inspections, etc. Functions as the secondary COMSEC custodian for the SEI Arlington (a/k/a DC) office responsible for device inventory, key management and loading, etc. FSO/CSSO duties in a backup capacity as directed. 15% Performs enterprise IT duties in a backup / supplemental capacity as directed. 5% Training and professional development to keep current with new technologies and regulations. 100% Total Effort Organizational Chart : CIO Our benefits philosophy encompasses three driving priorities: Choice, Control, and Well-being. Learn more at https://www.cmu.edu/jobs/benefits-at-a-glance/. You can join an institution and inspire innovations that change the world. Carnegie Mellon University is a welcoming workplace that considers applicants for employment without regard to, and does not discriminate on the basis of, gender, race, protected veteran status, disability, or any other legally protected status.