Information Systems Security Manager (ISSM)

TRISTAR is seeking a Information Systems Security Manager (ISSM) for our upcoming government customer in MacDill AFB, FL

• The Information Systems Security Manager (ISSM) will support PEO SDA, USSOCOM Components, TSOCs, and others to include Foreign Military Sales (FMS) as mission dictates, by providing technical and analytical mission planning, execution, and post-mission system support
• Mission planning is critical to special operations, the mission planning, execution, post-mission system/device will be maintained in a serviceable status to support combat/contingency operations
• The overall goal will be to achieve a system/device availability of 95% and a maintenance turnaround time of less than 24 hours from the time of notification within Continental United States (CONUS) and manned Outside the Continental United States (OCONUS) locations
• Support will be characterized by two (2) levels: Level I (Critical/Urgent) support will be defined as critical or emergency support to the mission planning and execution system/device
• This level of support will be completed within 72 hours or as mission requirements dictate
• Level II (Routine) support will be defined as cyclical support to the mission planning and execution system/device
• This level of support will be completed within 30 days or as mission requirements dictate

Position Responsibilities

• Promote system security to include all relevant hardware and software aligned under the Program, is properly configured, and documented, complies with DoD Intelligence Information Systems (DoDIIS) Security Certification and Accreditation guide, and the Defense Information Systems Agency's (DISA) Security Requirement Specifications
• Initiate, review, coordinate, and complete all documents, certifications, and accreditations required for equipment, systems, software, and/or networks associated with the PMO and its associated projects
• Develop and maintain necessary documentation in accordance with government directives and assist in the formation of security test plans
• Conduct security engineering reviews to ensure security mechanisms are built into any new capabilities and upgrades
• Manage the configuration and management release process for each software release/patch as they become available. Coordinate with J62 Cybersecurity accreditors to ensure timely approval of all software releases
• Administer the PMO's security strategy for mitigating security incidents (such as data spillage, unauthorized access, code injection, etc.)
• Provide risk mitigation recommendations to ensure better security while considering the user's operational needs
• Assess and enhance current policies and procedures to ensure that security checks are upgraded in line with best practices
• Evaluate network security posture by running scans using USSOCOM Information Assurance (IA) standard scanning tools and comparing results against DISA Standard Technical Implementation Guides (STIGS) to determine severity of the findings
• Provide results of findings to system engineers and assist their efforts to remediate any negative findings to bring reports into compliance with IA policies and procedures

• Experience with RMF artifacts, obtaining and maintaining system ATOs, and implementing new and complex technologies at multiple classification levels within large enterprise environments
• Experience performing continuous monitoring and cybersecurity hygiene of a windows domains and network enclaves
• Problem solving and time management capabilities
• 5 years of experience working with federal/government agencies in sensitive and classified environments
• Experience with Risk Management Framework (RMF), NIST 800-53, DAPPM, and other legal and regulatory guidance
• Excellent customer relations and customer support skills
• Experience working in a team-oriented, collaborative environments
• MUST be a US Citizen
• An ACTIVE Top Secret Clearance with SCI Eligibility is required

Education and/or Certification

• Bachelors Degree in Information Security, Information Technology, or related discipline, or equivalent experience/combined education, with 5+ years of professional experience
• Must have and maintain a DoD 8570.01-M (Information Assurance Workforce) IAM level 1 certification (e.g. Security+, GSLC, CISM, or CISSP)

About TRISTAR

TRISTAR is a professional services company supporting U.S. Department of Defense programs. Our core competencies include Electronic Warfare, Enterprise Management, Full Spectrum Cybersecurity, Information Technology, Digital Transformation, Software Engineering and Development, Maritime Modernization and Engineering, and Technical Solutions. Founded in March 1995, TRISTAR has built an employee-focused collaborative environment enabling our team of professionals to create and deliver customized solutions to meet mission critical challenges.

TRISTAR provides Equal Employment Opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.