Redwire Space - Littleton, CO
posted 2 months ago
Full-time - Manager
Littleton, CO
About the position
The Information Systems Security Manager (ISSM) is responsible for leading a team of Information Systems Security Officers to ensure the secure operations of networks at the Littleton, Colorado facility. This role involves advising the Chief Information Officer (CIO) and Chief Information Security Officer (CISO) on information assurance programs, maintaining operational security posture, and managing day-to-day security operations. The ISSM will also serve as the ISSO for the location, implementing security policies and overseeing incident response planning.
Responsibilities
- Reports to the Chief Information Systems Officer (CISO) and collaborates with Facility and Personnel Security Teams.
- Establish and implement a strategic, comprehensive enterprise information security and IT risk management program.
- Demonstrate leadership and decision-making skills to manage a team for enterprise security implementation.
- Lead incident response planning and oversee investigations of security breaches and incident reporting.
- Provide input on disciplinary and legal matters associated with security breaches and incidents to the CIO and CISO.
- Learn the role of the CISO and develop skills to act in a Deputy CISO capacity.
- Implement an NSA COMSEC account and oversee COMSEC users.
- Develop and maintain information systems security implementation policy and guidelines using the Risk Management Framework (RMF).
- Prepare and review Authorization to Operate (ATO) documentation and support security authorization activities in compliance with relevant standards.
- Maintain configuration management documentation for information system security software, hardware, and firmware.
- Serve as Information Assurance representative on Configuration Change Boards (CCB).
- Maintain Continuous Monitoring (CM) Program for assigned systems, including vulnerability scans and audit log checks.
- Assist architects and systems developers in implementing appropriate information security functionality.
- Ensure all IAOs, network administrators, and cybersecurity personnel receive necessary technical and security training.
- Conduct cybersecurity-related training for system users.
- Ensure approved procedures are in place for clearing, sanitizing, and destroying hardware and media.
- Serve as Trusted Agent for assigned systems.
- Work with System Administrators to define, implement, and test security controls.
- Document security events and incidents in coordination with Facility Security Office.
- Maintain professional and technical knowledge through workshops, publications, and networking.
- Coordinate with IT management for planning, installation, and certifications of new network infrastructure.
Requirements
- Currently holds or can obtain Top Secret Clearance at both SCI and SAP levels.
- Bachelor's degree or higher in cybersecurity or information security with 12 or more years of experience, or equivalent experience in lieu of degree.
- Meets DoD IAT Level I requirements, such as maintaining a current CompTIA Security Plus certification.
- Experience leading a team of Information Security Professionals.
- Experience with DoD, federal, or DoD Contractor classified information systems.
- Experience using NIST Special Procedures 800-53, 800-37, and 800-171.
- Experience preparing DoD Authority to Operate (ATO) or Authority to Connect (ATC) documents for approval.
- Successful completion of SAP and DCSA audits of Information Systems.
Nice-to-haves
- Familiarity with various tools to capture, organize, and audit security-related events.
- Familiarity with TEMPEST requirements and certifications.
- Foundational understanding of Communications Security (COMSEC).
- Foundational understanding of basic networking technologies (routers, switches, proxies, etc.).
- Foundational understanding of basic security technologies (IDPS, firewalls, antivirus, SIEM, etc.).
- Foundational understanding of threat identification and mitigation.
- Foundational understanding of vulnerability scanning and management.
- Fundamental understanding of encryption technologies used for data in transit and data at rest.
- Foundational understanding of information system security design and compliance.
Benefits
- Highly competitive salary range of $137,500 - $215,000.
- Commitment to core values of Integrity, Innovation, Impact, Inclusion, and Excellence.
