Information System Security Manager (ISSM)
Gibbs & Cox

Arlington, Virginia

Posted in Defence and Military


This job has expired.

Job Info


Join a team with EXCELLENCE, LOYALTY and INTEGRITY!

Gibbs & Cox is an independent engineering and design firm specializing in naval architecture, marine engineering, management support, and engineering consulting. The firm is headquartered in Arlington, Virginia with offices in New York City, New Orleans, LA, Newport News, VA, Chesapeake, VA, Philadelphia, PA, and Yarralumla, Australia. Gibbs & Cox is the largest independent and privately-owned Naval Architecture and Marine Engineering Firm in the United States, and has been serving the government, commercial, and recreational markets worldwide since 1929. Our quality system is certified to ISO 9001:2015 for design, engineering, program management, and administrative services.

Gibbs & Cox is an EEO/An Affirmative Action M/F/D/V Employer

General Description:
Position Summary and Responsibilities

We are seeking a highly motivated and talented Information System Security Manager (ISSM) for our Arlington, VA operations. In this role, you will contribute to IS Security Management and oversight of our classified and unclassified information systems in support of corporate needs. You will provide technical expertise in safeguarding internal G&C classified and unclassified information technology systems. You will be part of a team to ensure that policies, procedures, and Information Assurance system hardening (ensuring system availability, integrity, authentication and confidentiality) are in place as required. This is a hands-on role requiring deep domain knowledge of network security tools and applications. You will be modifying and updating SIEMs, IDS/IPS, firewall, and access control lists to detect, protect, and respond to security events and incidents. You will monitor and proactively address security threats, resolve technical issues, and allocate resources to deliver the latest security solutions in a cost-effective manner. You will conduct activities in concert with our internal IT department and external security vendors, and provide security reports and updates directly to executive leadership.

General Duties:
Candidate Background, Knowledge, Skills and Abilities

  • 10+ years of experience in information security engineering or similar discipline
  • Minimum 5 recent years computer operating systems administration experience (Windows or Linux).
  • Minimum of 5 recent years information technology experience working in a classified computer facility in information, intelligence, or security areas.
  • Minimum of 5 recent years writing System Security Plans (SSPs) as an ISSO or related role.
  • Deep expertise in National Industrial Security Program Operating Manual (NISPOM), Intelligence Community Directives (ICD) security requirements or the Risk Management Framework (RMF).
  • Minimum of 5 years working experience of the Classified Assessment and Authorization (A&A) process with NISPOM, ICD, JSIG security frameworks/policies.
  • Perform self-inspections, provide security coordination and review of system test plans
  • Identify vulnerabilities and work with other subject matter experts to remediate and mitigate them
  • Excellent organizational and communication skills and the ability to effectively interact with managers and technical staff.
  • Ability to identify and troubleshoot complex security issues within systems or networks
  • Ability to develop and execute security plans, such as a Vulnerability Management Plan, Security Assessment Plan, Incident Response Plan, etc.
  • Experience with hardware, software, and processes necessary to develop security solutions
  • Ability to lead design, development, integration, testing, and deployment of security solutions
  • Experience with security tools for monitoring, assessing, and analyzing systems
  • Sourcing and implementing new security solutions to better protect the organization
  • Conducting proactive research to analyze security weaknesses and recommend appropriate strategies
  • Coordinating and reporting cybersecurity incidents to appropriate authorities
  • Installing security measures and operating software to protect systems and information infrastructure, including network security tools and data encryption programs
  • Identifying current and emerging technology security issues, trends, vulnerabilities, and threats

Required:
Must be a current DoD ISSM/ISSO with an active clearance
Technical Qualifications:

  • Demonstrated success in configuring systems and completing DCSA artifacts to achieve ATO.
  • Deep knowledge of best practices and security requirements, including DISA STIGs, SRGs, and IA tools
  • Deep knowledge of NIST publications, such as SP 800-37, 800-53, and 800-171
  • Experience with Linux and/or Windows Operating Systems

Certifications:
Active DoD 8570 certification (Security or CISSP), or ability to obtain DoD 8570 certification within 6 months of employment required.
  • Security+
  • CEH
  • GSEC
  • CAP
Security Requirements:
MUST BE A U.S. CITIZEN

Applicant will be subject to a security investigation.
Applicant must have a current DoD clearance.

