Information Systems Security Manager

Employer
KITTY HAWK TECHNOLOGIES
Location
King George, VA
Posted
Nov 21, 2020
Closes
Nov 26, 2020
Ref
1434490315
Hours
Full Time
Job DescriptionKitty Hawk Technologies, a growing service and technology innovator, is seeking talented and motivated professionals to deliver lean and effective solutions to our government partners. We have an immediate opening for an Information System Security Manager (ISSM) to join our team. This position will provide an opportunity to develop the innovative technology that supports some of our nation's most important defense initiatives. Kitty Hawk employees work closely with our customers to develop solutions that support national engineering and security missions and the ideal candidate will support our team in providing program support to the Department of Defense (DoD) and Department of Navy (DoN). In addition to receiving a competitive salary and health benefits, the ISSM will join a motivated, talented, and technically accomplished team. The employee will also enjoy a flexible work environment where contributions are recognized and rewarded.Candidates must be results oriented and have the ability to work in a well-organized, logical and systematic manner. They will set clear objectives, monitor progress, take corrective action and control performance levels to maintain high internal customer satisfaction. They will possess deep insight into customer requirements and will maintain the ability to ethically influence those requirements. They will be able to clearly define and clearly articulate compelling solutions and will require an ability to quickly assimilate and apply complex technical information. Essential Duties and Responsibilities:Tasks will include, but are not limited to:. Applying full range of Information Assurance (IA) policies, principals, and techniques to maintain security integrity of information systems processing classified information. Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades. Providing information for the development of RMF (Risk Management Framework) and System Security Plans. Establishing and maintaining configuration management plans. Install/update/remove computer equipment. Preparing documents to gain government approvals to operate information systems. Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.. Weekly system audits. Anti-virus software management. Sanitizing systems and components. Establishing new user accounts. Preparing for and supporting inspections, etc.. Maintaining the physical security and access to the building, closed areas, and SCIFs.Successful candidate should be knowledgeable of information technology security principles, PC Desktops, and Microsoft suite of applications. Assist with self-inspection reviews. This is a multi-tasking environment that demands customer service, communication, and organizational skills. Basic Qualifications:ISSM position requires a bachelor's degree in computer science or a related field and at least 4 years of applicable experience.An active Top Secret/SCI clearance.Knowledge of NIST SP 800-37 and NIST SP 800-53DOD 8570 compliance (CISSP, Security +, etc.)Experience with ICD503 and NISPOM Chapter 8Familiarity with multiple intel community and DSS system accreditation proceduresSystem Security Plans (SSPs), Risk Assessment, Reports (RARs), Plan of Action and Milestones (POA&Ms), and Security Control Traceability Matrices (SCTMs), and Configuration ManagementExperience implementing the Risk Management System (RMF)In-depth understanding of DoD Security Requirements Guides (SRGs), DoD Security Technical Implementation Guides (STIGs), Security Readiness Review (SRR), and NSA implementation guides.System Security Plans (SSPs), Risk Assessment, Reports (RARs), Plan of Action and Milestones (POA&Ms), and Security Control Traceability Matrices (SCTMs), and Configuration Management.Ability to manage Cybersecurity activities that must be performed by system owners, including annual refresher CS training or awareness briefings or requires a personal interface, including incident response or data transfers.Qualifications (Preferred). Understanding of DoD Security Requirements Guides (SRGs), DoD Security Technical Implementation Guides (STIGs), Security Readiness Review (SRR) and NSA implementation guides. P20