
This job has expired

Information Systems Security Manager

Employer
ASEC Inc
Location
Lexington Park, MD
Closing date
Nov 3, 2020
Description:
ASEC is currently looking for an Information Systems Security Manager (ISSM) who supports multiple programs administering the Information Assurance duties for multiple information systems. The ISSM will coordinate duties with the Systems Administrator and/or Information Technology (IT) staff to ensure all Risk Management Framework (RMF) requirements are implemented and functional. This position will also conduct technical and nontechnical reviews and audits.

The ideal candidate will have the ability to work with minimum supervision to provide information security support to ASEC and the US DoD and to apply their technical expertise to the implementation, monitoring and/or maintenance of company IT systems. Work will be on classified and unclassified networks.

Requirements:

Tasks/Responsibilities:
Recommend, support and maintain a security document management solution for a Security Assessment and Authorization program to include FIPS 199, System Security Plans, Security Assessment Plan, Security Assessment Report, Contingency Plan, Configuration Management Plan, Plan of Action and Milestones (POA&M) management, Risk Assessment and Waiver management documentation and other supporting documents as required for system accreditations.
Experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC), and knowledge of Information Assurance Vulnerability Alerts (IAVAs).
Assess and recommend process improvements to ensure all operational and application system changes undergo a security impact assessment.
Experience conducting analysis and providing recommendations on new or existing security capabilities.
Apply and maintain DISA/NSA STIG configurations to Microsoft, Linux and other vendor software products.
Schedule and administer system downtime for maintenance and upgrades.
Perform vulnerability and risk assessments on systems, applications, and baselines in support of Risk Management Framework (RMF) for DoD IT Department of Defense Instruction (DoDI) 8510.01 of networks and systems.
Identify applications and operating systems machine data and logs for SIEM analysis.
Provides security validation of complex engineering analysis and support for firewalls, routers, networks, and operating systems.
Develop training for IT staff covering the implementation of new policy or procedures, new security program initiatives, etc.
Provide CM for security-relevant information system software, hardware, and firmware.
Collaborate with Change, Problem, and Release Management for security impacts to the environment.
Trained and proficient in Assured File Transfer (AFT) processes and tools.
Knowledge in Windows, UNIX, and Linux operating systems and knowledge of ports, protocols, and the OSI Model.
Experience working with IP networking, networking protocols, and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists.

Skills and Qualifications:
DoD 8570 Certification: IAM-II Certification (CompTIA Sec+, CAP, CASP+ CE, CISM, CISSP, GSLC or CCISO).
Demonstrated knowledge and comprehension of the Risk Management Framework, JSIG, and NIST policies.
Must be able to communicate complex technical issues in simple terms and clearly, both orally and in writing, to a wide audience.
Strong interpersonal skills and the ability to work as part of a team.
Requires infrequent travel, requires an occasional after-hours response to security-related company issues.
Must be a self-starter capable of multitasking and efficiently managing your time in a dynamic environment while requiring minimal levels of supervision.
Effective writing, speaking, analytical and customer service skills.

Education and Experience:
Bachelor's degree in computer science or other IT related field, Cyber or Information Assurance.
At least two (2) years of experience as an ISSO or ISSM.
Experience with the DoD Information Assurance accreditation process.

Required Clearance:
This position is subject to a government security investigation and must meet eligibility requirements for access to classified information. Requires ACTIVE CLEARANCE.

Other Requirements:
Requires flexibility in work hours.

We recruit, employ, train, compensate, and promote the most qualified persons for employment without regard to race, color, religion, ancestry, sex, national origin, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, genetic information, or any other status protected by law.

ASEC will not discharge or in any other manner discriminate against employees or applicants because they choose to inquire about, discuss, or disclose their own compensation or the compensation of another employee or applicant.

If you'd like more information about your EEO rights as an applicant under the law, please click here:
