drjobs Info Systems Security Manager

Info Systems Security Manager

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Gainesville, FL - USA

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Vacancy

1 Vacancy

Job Description

Classification Title:

Info Systems Security Manager

Classification Minimum Requirements:

Bachelors degree in an appropriate area and six years of relevant experience; or a high school diploma or equivalent and ten years of relevant experience.

Job Description:

The ISSM serves as the principal advisor on all matters technical and otherwise involving the security of the Information Systems for FLARE. All duties and responsibilities are defined in the NISPOM and DAAPM. The ISSM will be affiliated with the UF Information Security Office (ISO) and solely dedicated to FLARE. As such the ISSM will perform these functions in coordination and collaboration with the UF ISO utilizing existing UF policies standards guidelines processes and technologies.

Administrative:
The ISSM is primarily responsible for maintaining the overall security posture of the systems within FLARE and is accountable for the implementation of the UF Risk Management Framework (RMF). This includes all documentation responsibilities including producing/developing security documentation (e.g. SSP POA&M reporting process and procedures and supporting artifacts etc.. This position also ensures that the user community understands and adheres to necessary processes and procedures to maintain security through a robust training and awareness program.

Security Engineering:
Ensuring the fulfillment of the Information Owner IO data requirements (e.g. storage processing AFT incident response collection dissemination and disposal). Performing cybersecurity (monitor audit analyze) enterprise information systems support for events to include unauthorized access insider threat hacking or penetration attempts from known threats identifying presence of unauthorized software or malicious code on both classified and unclassified networks and reporting them as necessary. Implementing security controls that protect the Information Systems IS during development testing and production stages. Implementing and maintaining the IS in accordance with the agreedupon security controls documented in the SSP. Taking necessary actions to proactively address issues and guide support personnel to preclude system failures or disruptions; identifying and addressing vulnerable computers that may be used in exploitation data infiltration and data compromise.

Operations:
Developing incident management change management and the Continuity of Operations Plan (COOP). Ensuring review of weekly bulletins and advisories that impact security of site information systems to include AFNOSCNSD ACERT NAVCIRT IAVA and DISA ASSIST bulletins. Ensuring that periodic testing is conducted to evaluate the security posture of the ISs by employing various intrusion/attack detections and monitoring tools. Manage COMSEC Support Emission Security and eMASS ITIPS or Xacta and manage UL2050 standards for closed rooms. Collaborate with UF Research Integrity Research Computing UFIT FLARE Security (AFSO and ASMs) and Director if/as necessary in order to maintain the overall security posture of operations.

Other: May be required to perform other duties as assigned by supervisor as needed.

Expected Salary:

Salary to commensurate with education and experience.

Required Qualifications:

Bachelors degree in an appropriate area and six years of relevant experience; or a high school diploma or equivalent and ten years of relevant experience.

Preferred:

KNOWLEDGE:

  • Requires intermediate level knowledge of client/server network topology network/infrastructure security network operating systems and web technologies.
  • Understanding of Risk Management frameworks as described in NIST SP 80037.
  • Knowledge of security and privacy requirements such as FISMA Security Requirements and their effects on delivering software to Federal Agencies.
  • Familiarity with multiplatform environments and their operational/security considerations.
  • Working Knowledge of Operating Systems such as: Linux Windows UNIX.
  • Working knowledge of LDAP Active Directory and other Identity Providers.
  • Understanding of middleware and web servers such as Apache and IIS JBoss.

SKILLS:

  • Requires intermediate level problem solving skills as well as teamwork and communication skills including speaking and writing skills.
  • Communication skills and knowledge of industry trends.

EXPERIENCE:

  • Minimum of 7 years of combined IT and security experience with a broad range of exposure to data networks systems and web monitoring tools techniques and threats.
  • Preference is for candidates with a background in systems administration.
  • Candidates must have experience implementing and supporting infrastructures that meet and adhere to the controls defined in the DoD Intelligence Information System (DoDIIS) Joint Security Implementation Guide (DJSIG) and the DoD Joint Special Access Program Implementation Guide (JSIG). Successful experience implementing and supporting the Risk Management Framework (RMF) as defined in the above directives is required.
  • Candidates require experience implementing and supporting Defense Information System Agency (DISA) Secure Technical Implementation Guides (STIG) for Red Hat Linux and Microsoft Windows Server Operating Systems.
  • Experience with the use of NIST SP 80053r4 for SSP documentation.
  • Experience in application development lifecycles.
  • Experience engaging with large engineering development and operations teams.
  • Understanding and experience with vulnerability scanners including static dynamic and Host OS and Database scanners such as Nessus.

OTHER PREFERRED QUALIFICATIONS:

  • IAM Level III Certification (GSLC CISM and/or CISSP).
  • Prefer candidates with an institutional knowledge of the University of Floridas IT environment and information systems.
  • Must be flexible in work style and able to work in open workspace environment.
  • An active DOD Secret Security Clearance. DoD 8570 Compliance.
Special Instructions to Applicants:

In order to be considered for this application you must upload a cover letter and resume with application.

This is a timelimited position

Application must be submitted by 11:55 p.m. (ET) of the posting end date.

Health Assessment Required:No


Required Experience:

Manager

Employment Type

Full-Time

Company Industry

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.