Information Systems Security Manager (ISSM)/COMSEC Custodian

About the position

The Information Systems Security Manager (ISSM)/COMSEC Custodian at L3Harris is responsible for overseeing the security of information systems in support of Department of Defense programs. This role involves developing and maintaining security policies, conducting risk assessments, and ensuring compliance with regulatory requirements. The ISSM will also manage cryptographic materials and provide leadership in cybersecurity initiatives, working closely with various teams to enhance the security posture of the organization.

Responsibilities

• Review and develop information system accreditation/certification support documentation.
• Interact with customers regarding changes affecting information system accreditation/certification.
• Perform system and network self-inspections to identify vulnerabilities and implement countermeasures.
• Create and update program policies and maintain information system security records.
• Develop and conduct risk assessment procedures for RMF safeguards.
• Author and oversee RMF package artifacts including System Security Plan (SSP) and Security Control Traceability Matrix (SCTM).
• Coordinate with internal/external partners to establish system security designs and validate compliance requirements.
• Analyze and administer security controls for information systems.
• Monitor IA Program compliance through periodic self-inspections and reviews.
• Manage electronic keying material and Controlled Cryptographic Items (CCI) material.
• Conduct Cybersecurity training and briefings for various employee levels.

Requirements

• Active DoD Secret clearance required.
• Bachelor's Degree in Cybersecurity or similar field with a minimum of 6 years of relevant experience, or a Graduate Degree with 4 years of experience, or 10 years of relevant experience in lieu of a degree.
• Experience with Windows 10 and 11 operating systems and related peripherals.
• Proficiency in Microsoft Office products.
• Experience with RMF/Assessment and Authorization safeguards.
• Security + or DD8570 equivalent certification or completion of KMI Training Course.
• Experience performing COMSEC activities such as audits and inventories.
• Ability to interpret and apply NSA COMSEC security policies.

Nice-to-haves

• Experience with SPLUNK, Security Center/Nessus, and other security software/systems.
• Experience with configuration/certification and auditing of Windows, Linux, UNIX systems.
• Knowledge of risk management and mitigation strategies.
• IAM Level II or III Certification (Sec +, CISSP, CISM etc.).
• Excellent organizational, decision-making, and problem-solving skills.

Benefits

• Inclusive and engaging work environment.
• Opportunities for professional growth and development.