Information System Security Manager (ISSM)
$170,000 - $190,000/Yr
Modern Technology Solutions - Colorado Springs, CO
posted about 1 month ago
Full-time - Senior
Remote - Colorado Springs, CO
11-50 employees
Professional, Scientific, and Technical Services
About the position
The Information System Security Manager (ISSM) at Modern Technology Solutions, Inc. (MTSI) is a Subject Matter Expert responsible for ensuring compliance with security regulations and leading the Information Assurance program for classified Information Systems (ISs) supporting the U.S. Space Force (USSF). This role involves maintaining security documentation, conducting risk assessments, and advising on security testing methodologies, all while working closely with various Department of Defense agencies.
Responsibilities
- Maintain a repository of security documentation including Systems Security Plans and Information Assurance Standard Operating Procedures.
- Develop and implement a security assessment plan.
- Perform risk assessments and make recommendations to DoD agency customers.
- Advise government program managers on security testing methodologies and processes.
- Schedule, perform, and maintain records of required auditing, patching, maintenance, and scanning.
- Develop, review, endorse, and recommend action to the AO or AODR pertaining to system assessment documentation.
- Ensure approved procedures are in place for clearing, sanitizing, and destroying hardware and media.
- Maintain a repository for all system authorization documentation and modifications.
- Develop policies, procedures, and corrective measures for responding to and reporting security incidents and violations.
- Ensure proper protection or corrective measures are taken when an incident or vulnerability is discovered.
- Develop and conduct test procedures for verification Assessment and Authorization (A&A) and RMF safeguards.
- Employ customer-approved procedures for sanitizing and releasing system components and media.
- Maintain a repository of security authorizations for ISs under the program office's purview.
- Assess changes to an IS by performing periodic self-inspections, tests, and reviews.
- Ensure corrective actions are taken for identified findings and vulnerabilities.
- Maintain a working knowledge of IS functions, security policies, and operational security measures.
- Coordinate with the Program Security Officer and other representatives to define and maintain information security policies.
- Implement policies and procedures for responding to security incidents and for investigating and reporting security violations.
- Ensure the development and presentation of classified IS security education and training activities.
Requirements
- 14+ years of experience in Cybersecurity (ISSO, ISSE, ISSM) or related discipline.
- Minimum of five (5) years of experience in SAP, SCI, or Collateral Information Systems (IS).
- Knowledge of cyber tools such as SIEM, vulnerability detection, scripting languages, and/or programming languages.
- Understanding of cybersecurity needs of systems at various stages of the system development life cycle.
- Experience with A&A documentation and system authorization artifacts for SAP and SCI systems.
- Knowledge of federal security requirements and mandates (e.g., RMF, FIPS, NIST).
- Experience with Assured File Transfers (AFTs), IS sanitization and destruction procedures, incident response, and hardware/software configuration management.
- Excellent oral and written communication skills.
- Strong customer service skills and ability to work with personnel across multiple disciplines.
- Strong organizational skills and ability to manage multiple tasks concurrently.
- Ability to work well independently or as a team member.
- Working knowledge of cloud development tools such as GitLab, Artifactory, JIRA & SonarQube.
Benefits
- Starting PTO accrual of 20 days PTO/year + 10 holidays/year
- Flexible schedules
- 6% 401k match with immediate vesting
- Semi-annual bonus eligibility
- Company funded Employee Stock Ownership Plan (ESOP)
- Up to $10,000 in annual tuition reimbursement
- Life and disability insurance
- Optional zero deductible Blue Cross/Blue Shield health insurance plan
