Sr Information Assur Cyber Spec II – ISSM (Tewksbury)

Sr Information Assur Cyber Spec II – ISSM
This position is for an Information System Security Manager (ISSM) at Raytheon IDS in Tewksbury, MA and is responsible for the Information Assurance program as stipulated by various US Government requirements including (but not limited to): National Industrial Security Operating Manual (NISPOM) and related documentation such as the Office of the Designated Approving Authority (ODAA) Process Manuals, Baseline Technical Security Configuration Standards as well as customer/contract specific Information Assurance (IA) regulations.

Components of the IA program include Certification and Accreditation (C&A) activities (documentation preparation, system configuration/validation, certification testing, etc.), security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.), conducting self-inspections, audit trail review, and delivering information systems security education and awareness. This position manages the IA incident response program as well as interfaces with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives.

NOTE: The candidate must obtain and maintain an IS professional certification commensurate with DoD 8570.1-M Level 3 requirements (CISSP, other) within six months of hire date.

Required Skills:

· 6+ years Information Security or related IT experience

· Experience with the NISPOM (Chapter 8 as well as familiarity with other Chapters), ODAA Process Manual, Baseline Technical Security Configuration Standards, JAFAN, Risk Management Framework (RMF), etc. (i.e. DCID, ICD)

· Currently hold a Secret Clearance

· Experience with certifying compliance and auditing the security aspects of various operating systems (Windows, Linux, Solaris, etc.)

· Previous experience with complex Wide Area Networks and Information Systems (Multi-Program Interconnection, PL-2)

· Ability to obtain and maintain Information Security professional certification commensurate with DoD 8570.1-M Level 3 requirements (CISSP or other)

Required Education:

· Bachelor’s degree in either Computer Science, Information Systems Management, Information Technology, Criminal Justice, Business or other relevant degree

Desired Skills:

· Experience developing IS security plans, policy and procedures for complex networks (contractor and government wide area networks).

· Design and implement a process to identify and mitigate specific risks within the security environment.

· Understands and leverages IDS business knowledge to achieve results (financial, manpower, etc).

· Ability to apply information system knowledge to other government compliance documents (JAFAN, DCID, ICD).

· Excellent communication skills (written & oral).

· Customer focused and has excellent time management skills.

· Experience with development and delivery of IA related briefings and training material to all organizational levels.

· Experience with Interconnected Security Agreements (ISA), Network Security Plans (NSP), Memorandum of Agreement/Understanding (MOA/U)

· Ability to develop and defend Basis of Estimates

· Utilize forward thinking to anticipate customer/government changes and challenges

· Ability to handle difficult people and/or situations in high pressure environments and make tough decisions

· Must be flexible and work with limited supervision

The following courses can be completed at the DSS Training Website: https://stepp.dss.mil/SelfRegistration/Login.aspx

· Intro to Industrial Security (IS011.16 / .06)

· Safeguarding Classified Info (IS109.16 / .06)

· Cyber Security Awareness (CI130.16)

· Risk Management Framework – RMF (CS100.CU)

· Continuous Monitoring (CS200.16)

· Special Access Program Overview (SA001.16 / 06)

Key Words:
NISPOM DD254 Security Windows UNIX LINUX Information Systems Security Information Assurance Certification and Accreditation Cyber Software Engineer Computer Science MIS Management Information Systems ISSO CISSP CISM JAFAN DCID ISSM Information Security Information Technology IT Auditing Cyber DSS C&A IA IAM IAO RMF Risk Management Framework 92479