Information System Security Manager (ISSM) (Entry/Mid-Level) Position Available In Madison, Alabama

Information System Security Manager (ISSM) (Entry/Mid-Level) Applied Research Associates, Inc – 4.0

Huntsville, AL Job Details Full-time Estimated:

$100K – $130K a year 2 days ago Qualifications Top Secret Clearance Operating systems

GPO TS/SCI CISSP

Secret Clearance Mid-level Windows Information security Nessus Bachelor’s degree NIST standards Computer hardware DoD 8570 Computer skills Linux CompTIA Security+ RMF 2 years Full Job Description The Analytical Solutions Division (ASD) of Applied Research Associates (ARA), Inc (www.ara.com) has an exciting opportunity for a full-time Information System Security Manager (ISSM) on-site at our Huntsville, AL location. ISSM is responsible for overseeing security operations in compliance with the 32 CFR Part 117 National Industrial Security Program Operating Manual (NISPOM). Interface with the Defense Counterintelligence and Security Agency (DCSA), managing security policies, conducting assessments, and ensuring the integrity of security systems. Responsible for the planning, organization, maintenance, and compliance of multiple classified systems in accordance with NISPOM, risk management framework (RMF) requirements, and DCSA Assessment & Authorization Process Manual (DAAPM). Develop policy, guidance, and establish implementation and oversight plans to ensure compliance with Risk Management requirements. ISSM will also serve as the Facility Security Officer to handle personnel clearance processing and maintain facility clearance activities and provide administrative security support associated with the receipt, distribution, inventory, reproduction and disposition of classified material. For this position, ARA will only consider applicants with an active SECRET Security Clearance or higher. Position is not eligible for remote work schedule. Collaborate with Project Managers (PMs) or Information System Owners (ISO) in maintaining current authorization to operate, and approval to connect for all systems and networks, and in implementing corrective actions identified in the plan of action and milestones Conduct recurring Cybersecurity reviews on information systems in accordance with DoD RMF practices, DCSA Assessment and Authorization Process Manual (DAAPM), NIST 800-53 Special Publications, customer directives, and company policies as applicable. Audit information systems to ensure compliance with security policies and procedures Manage user access and conduct user briefings as required Schedule mandatory Information System patching, updating, and scanning based on vulnerabilities and threats or regulatory compliance; maintain the day-to-day security posture and continuous monitoring for all systems Investigate classified spills/incident response or other security-related incidents to DCSA and recommend corrective actions Apply physical security concepts to maintain current Facility Clearance Level (FCL) and approved safeguarding Manage the Access Control/Alarm System in accordance with DoD standards Must Haves as an

ISSM:

Must possess a U.S. Department of Defense (DoD) Secret security clearance with the ability to obtain Top Secret clearance Must be a U.S. Citizen 2+ years’ experience as

NISPOM ISSO/ISSM

Experience with security assessment/hardening tools, i.e., STIGs, SCAP, GPO, NESSUS, etc. Possess strong understanding of computer operating systems (Windows and Linux), software and computer hardware Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities. Must be able to initiate communication with management and various government agencies for support and/or compliance requirements Knowledgeable in all areas of security (physical, personnel, information, communication, insider threat etc.) specialties, concepts, principles, criteria, requirements, technology, tracking and electronic security practices Knowledgeable of NISPOM and DCSA reporting requirements specifically in regard to security incidents and violations Must have the following certificates, or must be completed within 6 months of hire: FSO Program Management for Possessing Facilities Curriculum (IS030.CU), ISSM Required Online Training

DAAPM – 2.6

Program Risk Management Framework (CS100.CU), CompTIA Continuous Monitoring (CS200.16), Introduction to the Risk Management Framework (CS124.16), Introduction to Industrial Security (IS011.16), Introduction to Information Security (IF011.16), Introduction to Personnel Security (PS113.16), Introduction to Physical Security (PY011.16) This will “WOW” us if you have the following: Active DoD TS/SCI Clearance Possess a DoD 8570 IAM-I level professional certification, Security + or CISSP Proficient in IA Security specifications such as Risk Management Framework (RMF) and

NIST SP 800-53

Working knowledge of eMASS application/DISS/NBIS Please apply at careers.ara.com for the Information System Security Manager (ISSM) position. #LI-AB1 Experience Required 2 – 4 years: Direct Relevant NISPOM ISSO/ISSM or equivalent experience Education Preferred Bachelors or better Licenses & Certifications Preferred

STEPP FSO PM

for Poss Fac Physical Security Prof Intro to

NISP C&A

Process IS Security Professional Industrial Security Pro Comp TIA Security+ Cert. Info. Sec.

Manager Cert Info Sys Secur Prof Behaviors Preferred Detail Oriented:

Capable of carrying out a given task with all details necessary to get the task done well

Dedicated:

Devoted to a task or purpose with loyalty or integrity

Functional Expert:

Considered a thought leader on a subject

Motivations Preferred Self-Starter:

Inspired to perform without outside help

Goal Completion:

Inspired to perform well by the completion of tasks Ability to Make an

Impact:

Inspired to perform well by the ability to contribute to the success of a project or the organization

Work-Life Balance:

Inspired to perform well by having ample time to pursue work and interests outside of work Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.