Draper - Reston, VA
posted about 2 months ago
Full-time - Mid Level
Reston, VA
1,001-5,000 employees
Furniture and Related Product Manufacturing
About the position
The Information Systems Security Manager (ISSM) at Draper will lead the Information Assurance (IA) program for various Department of Defense (DoD) and Special Program efforts. This role involves overseeing cybersecurity measures, ensuring compliance with security requirements, and managing risks associated with information systems. The ISSM will work closely with stakeholders to address security incidents and vulnerabilities while providing strategic input for disaster recovery and operational continuity plans.
Responsibilities
- Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
- Document and escalate incidents that may cause ongoing and immediate impact to the environment.
- Perform cyber defense trend analysis and reporting.
- Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
- Work with stakeholders to resolve computer security incidents and vulnerability compliance.
- Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.
- Perform risk analysis whenever an application or system is implemented or changed.
- Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures.
- Perform other duties as assigned.
Requirements
- Bachelors Degree in Computer Science/Cybersecurity/Information Technology or equivalent field of study required.
- 5-7 years of experience as an ISSM, or performing as an ISSO, implementing DCSA Assessment and Authorization Process Manual (DAAPM), DoD Joint Special Access Program Implementation Guide (JSIG), and/or Intelligence Community Directive (ICD) 503 Risk Management, Certification and Accreditation requirements.
Nice-to-haves
- Ability to configure and review security functions of information systems.
- Ability to conduct security analyses, including security configurations and risk assessments.
- Familiarity working with DoD/IC Security Control Assessors.
- Familiarity with C2G/C2C interconnected systems and/or Wide Area Network (WAN) environments.
- Understanding of virtual environments and containerization tools/technologies.
- Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
- Ability to apply techniques for detecting host and network based intrusions using intrusion detection technologies.
- Ability to function effectively in a dynamic, fast paced environment.
- Strong interpersonal skills with effective verbal and written communication skills.
- Clear and structured thought processes and coherent decision making skills.
Benefits
- Workplace flexibility
- Employee clubs ranging from photography to yoga
- Health and finance workshops
- Off site social events
- Discounts to local museums and cultural activities
