Information Systems Security Manager
Overview:
Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad.Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted.
The Cybersecurity Team under SPA’s Information Technology Department establishes and maintains a robust cybersecurity posture and policy architecture across SPA's information systems. The team manages cyber policy, develops control implementations and system security plans, continuously monitors SPA systems, and performs routine cyber operations including patching, auditing, and incident response.Cybersecurity is critical to SPA's mission, therefore we strive to offer secure solutions that ensure data is protected while meeting the needs of the business.
In this role, you will serve as the Information Systems Security Manager for multiple systems operating under SPA's Intelligence Programs Group. This requires the individual to operate with autonomy while interfacing directly with SPA clients and leaders overseeing the business unit's operation.
SPA has an immediate or near term need for an Information Systems Security Manager.
Responsibilities:
With minimal supervision, the Information System Security Manager (ISSM) maintains day-to-day Cybersecurity posture and continuous monitoring of classified information systems. The ISSM conducts reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.In this role, you will report to the CISO while preparing and maintaining security Assessment and Authorization (A&A) documentation, performing audits, leading incident response activities, interfacing with Government personnel, and maintaining a thorough understanding of NIST 800-53 controls and other Government directed actions.
As the ISSM, you will be expected to collaborate with SPA and Government members to respond to data calls, support technical reviews and formal government-driven assessments.
Qualifications:
Required Qualifications:
- Active TS/SCI security clearance and a CI Polygraphy within the last 10 years
- Bachelor’s degree in an Information Technology related field or equivalent work experience and certifications
- 5 years’ experience in information system security with 2 or more year’s direct experience as an ISSM, ISSP, Security Control Assessor (SCA), or equivalent position
- Must meet Department of Defense 8140 certification requirements at IAM Level II; acceptable certifications include Sec+, CISSP, CISM, GSLC, and CAP
- Experience with the Service Now, Tenable and Splunk
- Ability to exercise independent judgment and to work autonomously with minimal supervision
Desired Qualifications:
- Experience validating system compliance using software applications
- Experience performing Vulnerability Management activities
- Experience configuring systems for compliance using a myriad of Security Technical Implementation Guides (STIGs) and STIG Viewer
- 3 years experience working in a classified systems administration role