Information System Security Manager (ISSM) - (Sign-on Bonus Eligible)

Information System Security Manager (ISSM)

Be the Difference

Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.

Astrion has an opportunity for a Principal Systems Cybersecurity professional to serve as the Information System Security Manager (ISSM) in the C3I and Infrastructure Division (AFLCMC/HNI) which focuses on providing enterprise support to over 110 active Air Force, Air National Guard (ANG), and Air Force Reserve installations and bases.

This position will be supporting the IT and Cyber Infrastructure directorate working on Cloud One programs. Cloud One (C1) is the Air Force evolution to standardized platforms and application support services providing secure cloud environments, engineered environments, and cyber security solutions.

JOB DETAILS

LOCATION: Hanscom, AFB, Massachusetts

JOB STATUS: Full-Time

TRAVEL: Occasionally

REQUIRED QUALIFICATIONS / SKILLS

• MA/MS and 15 years of experience, of which 10 years must be in cybersecurity

• DoDD 8140 compliant IAM Level III certification, such as the Global Information Assurance Certification, Security Leadership Certification, Certified Information Security Manager and/or CISSP is required
• Top Secret level Clearance

RESPONSIBILITIES

The Cybersecurity Subject Matter Expert (Principal) serves as the Information System Security Manager (ISSM) and acts as technical advisors to AOs, are primarily responsible for maintaining the overall security posture of the systems within their organization and are accountable for the implementation of DoDI 8510.01. The organization's cybersecurity program is developed by ISSMs that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures. ISSMs are also in charge of the continuous monitoring of systems within their purview to ensure compliance with cybersecurity policies. Responsibilities of an ISSM include, but are not limited to:

• Support implementation of the RMF.
• Perform the ISSM duties as outlined in DoDI 8510.01 and DoDI 8500.01 for assigned systems/applications.
• Develop and maintain a formal Information Systems security program and policies for their assigned area of responsibility.
• Supporting the system/application A&A effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., RMF).
• Ensure proper measures are taken when an Information System incident or vulnerability is discovered.
• Maintain and report IS and Platform Information Technology systems assessment and authorization status and issues in accordance with DoD Component guidance.
• Provide direction to the ISSO in accordance with DoDI 8500.01.
• Ensure that ISSOs are appointed in writing and provide oversight to ensure they are following established cybersecurity policies and procedures.
• Coordinate with the organization's security manager to ensure issues affecting the organization's overall security are addressed appropriately.
• Ensure that Information Owners and stewards associated with DoD information received, processed, stored, displayed, or transmitted on each DoD Information Systems and Platform Information Technology system are identified in order to establish accountability, access approvals, and special handling requirements.
• Maintain a repository for all organizational or system-level cybersecurity-related documentation.
• Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring.
• Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
• Ensure implementation of Information System security measures and procedures including reporting incidents to the AO and appropriate reporting chains, and coordinating system-level responses to unauthorized disclosures in accordance with DoDM 5200.01, Volume 3, DoD Information Security Program: Protection of Classified Information or DoDI 5200.48, Controlled Unclassified Information (CUI), respectively
• Ensure handling of possible or actual data spills of classified information resident in ISs, are conducted in accordance with DoD 5200.01, Volume 3.
• Act as the primary cybersecurity technical advisor to the AO for DoD Information Systems and Platform Information Technology systems under their purview.
• Ensure that cybersecurity-related events or configuration changes that may impact DoD Information Systems and Platform Information Technology systems authorization or security posture are formally reported to the AO and other affected parties, such as IOs and stewards and AOs of interconnected DoD Information Systems.
• Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a DoD Information System or Platform Information Technology system.
• Ensure that ISSOs author, monitor, and record system information in applicable databases. Prepare and record system, security status, and portfolio management information into the EITDR for Federal Information Security Management Act; Security, Interoperability, Supportability, Sustainability, Usability; Clinger Cohen Act; and other statutory compliance.
• Author, review, certify, and/or maintain IA and security management plans to include RMF Implementation Plans, System Security Management Plans, Information Support Plans, PPPs, Security Risk Analyses, Security Vulnerability and Countermeasure Analyses, Security Concepts of Operations, OPSEC Plans, and other system/network security related documents.
• Perform ISSM/ISSO duties as outlined in DoDI 8510.01 for assigned systems/applications.

What We Offer

• Competitive salaries
• Continuing education assistance
• Professional development allotment
• Multiple healthcare benefits packages
• 401K with employer matching
• Paid time off (PTO) along with a federally recognized holiday schedule

Who We Are

At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to "Be the Difference". This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.

We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of what's possible. We promote collaboration and empowering our teams is at the core of our success.

Join Astrion and Be the Difference in your career and the world!

Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.