Information Systems Security Manager (ISSM)

Posted 12 Hours Ago
Be an Early Applicant
Woburn, MA
Mid level
Machine Learning • Security • Software • Analytics • Defense
STR Harnesses the power of technology to solve the nation's hardest problems.
The Role
The ISSM will oversee the Cybersecurity program, ensuring compliance with government regulations through audits, assessments, and collaboration with other cybersecurity professionals. The role includes maintaining security posture, documentation, and response to incidents in a secure environment.
Summary Generated by Built In

About the Team:

The Security team at STR is comprised of highly skilled professionals who are responsible for maintaining compliance IAW with Government protocol and directives. 

The Classified Cybersecurity (CCS) team consists of a collaborative group of ISSM’s, ISSO’s, and ISSE’s who are passionate about national security that take great pride in maintaining confidentiality, integrity, and availability of our systems. 

The Role:

STR has an exciting opportunity for an ISSM to function as a key contributor for classified programs Cybersecurity/Risk Management Framework (RMF) posture in accordance with government directives and program requirements. 

In this dynamic position you will interface and collaborate with other Cybersecurity professionals (ISSO’s, ISSE’s), Security professionals (CPSO’s, FSO’s), and System Administrators, on overall compliance and configuration change management.

Please note…this is not a remote role and requires you to be onsite.

Responsibilities:

  • Responsible for the Cybersecurity program as stipulated by various US Government requirements including (but not limited to): Intelligence Community Directive (ICD) 503, Joint Special Access Implementation Guide (JSIG), National Industrial Security Operating Manual (NISPOM), and the DCSA Assessment and Authorization Process Manual (DAAPM)
  • Monitor cybersecurity compliance by performing periodic self-inspections, tests, and reviews of information systems to ensure that workstations/servers are operating as authorized/accredited.
  • Coordinate with program/project stakeholders, Cybersecurity staff (other ISSM’s, ISSO’s, ISSE’s), the Facility Security Officer (FSO), Contractor Program Security Officer (CPSO), and other Security and IT team members to define, implement and maintain an acceptable information systems security posture.
  • Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis.
  • Performs Assessment and Authorization (A&A) activities such as information system certification testing of required configuration controls and preparing/maintaining various documentation such as: Standard Operating Procedures (SOP), System Security Plan (SSP), Risk Assessment Report (RAR), Security Controls Traceability Matrix (SCTM), etc.
  • Manages and maintains Continuous Monitoring (ConMon)/Plan of Action and Milestones (POA&M) reports.
  • Responsible for security sustainment activities including (but not limited to): hardware change management, software change management, account management, media protection, user interface, file transfers, etc.
  • Assists the FSO, CPSO and Computer Incident Response Team (CIRT) in data spill incident response.
  • Maintain thorough understanding of NIST 800-53 controls, determines controls applicable to the application, and documents control implementation in the SCTM.
  • Perform other tasks as assigned by manager.

Requirements:

  • This position requires an active Top Secret security clearance, with the ability to obtain SAP and SCI access.
  • DoD 8570 IAM Level III certification (CISM, CISSP, etc.)  
  • Two (2) to four (4) years’ experience as an ISSM implementing DAAPM, JSIG, and/or ICD 503 IS requirements.
  • Previous security experience working in a SAP/SCI environment.
  • Familiarity/knowledge of vulnerability/compliance/audit tools (Nessus, SCAP, Splunk, etc.).
  • Experience with configuration/certification and auditing/analysis of Windows/Linux operating systems in a Peer-to-peer, LAN & WAN network environment.
  • Familiarity/understanding using authorization/accreditation databases (eMASS, Xacta, SNOW, etc.).
  • Excellent communications skills.
  • Demonstrated strong critical thinking and problem-solving skills.
  • Detail oriented and self-motivated.
  • Ability to effectively prioritize multiple projects.
  • Ability to work with people in a team environment and deal effectively with changing project priorities.
  • Strong customer service skills.

 

 

STR is a growing technology company with locations near Boston, MA, Arlington, VA, near Dayton, OH, Melbourne, FL, and Carlsbad, CA. We specialize in advanced research and development for defense, intelligence, and national security in: cyber; next generation sensors, radar, sonar, communications, and electronic warfare; and artificial intelligence algorithms and analytics to make sense of the complexity that is exploding around us.

STR is committed to creating a collaborative learning environment that supports deep technical understanding and recognizes the contributions and achievements of all team members. Our work is challenging, and we go home at night knowing that we pushed the envelope of technology and made the world safer.

STR is not just any company. Our people, culture, and attitude along with their unique set of skills, experiences, and perspectives put us on a trajectory to change the world. We can't do it alone, though - we need fellow trailblazers. If you are one, join our team and help to keep our society safe! Visit us at www.str.us for more info.

STR is an equal opportunity employer. We are fully dedicated to hiring the most qualified candidate regardless of race, color, religion, sex (including gender identity, sexual orientation and pregnancy), marital status, national origin, age, veteran status, disability, genetic information or any other characteristic protected by federal, state or local laws.

If you need a reasonable accommodation for any portion of the employment process, email us at [email protected] and provide your contact info.

Pursuant to applicable federal law and regulations, positions at STR require employees to obtain national security clearances and satisfy the requirements for compliance with export control and other applicable laws.

 

 

Top Skills

Cybersecurity
Nessus
Nist 800-53
Risk Management Framework
Scap
Splunk

What the Team is Saying

Obinna
Noam
Erez
The Company
HQ: Woburn, MA
600 Employees
Hybrid Workplace
Year Founded: 2010

What We Do

STR makes the world a safer place by developing technology and applying it to solve emerging national security challenges.

Why Work With Us

We believe in a people-first culture. Yes, we are scientists, engineers, and researchers, but first, we are people. Our environment is designed to foster innovation by encouraging our employees to work collaboratively on things they are passionate about. We also really like to have fun. We believe that working hard and playing hard go hand in hand.

Gallery

Gallery
Gallery
Gallery
Gallery

STR Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Not Specified
HQWoburn, MA

Similar Jobs

STR Logo STR

Systems Administrator

Machine Learning • Security • Software • Analytics • Defense
Woburn, MA, USA
600 Employees

STR Logo STR

Vulnerability Researcher

Machine Learning • Security • Software • Analytics • Defense
Woburn, MA, USA
600 Employees

STR Logo STR

Cyber Principal Investigator

Machine Learning • Security • Software • Analytics • Defense
Woburn, MA, USA
600 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account