Info Sys/Network Security Spec 3
Info Sys/Network Security Spec 3
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Torch Technologies is seeking a Cybersecurity Information System Security Manager (ISSM) (Senior) to join a team that conducts advanced planning to achieve/maintain Authority to Operate (ATO) for systems assigned to the Air Force Human Resources Systems Division. This includes performing reviews and monitoring of Risk Management Framework (RMF) packages and oversight of 30K Common Control Indictors from the assessment of 4.8K Security Technical Implementation Guide checklist items as outlined in the National Institute of Standards and Technology special publications to ensure confidentiality integrity and availability of IT systems. This person will be responsible for accomplishing the 6-Step RMF process developing test scripts answering RMF controls in the Enterprise Mission Assurance Support Service (eMASS) developing security documentation and other activities required to obtain an ATO for assigned systems. This position supports the AFLCMC/GB Business and Enterprise Systems Directorate (BES)/GBH Human Resources Systems Division.
Responsibilities:
This position requires a highly motivated individual with experience in ensuring the appropriate operational security posture is maintained for the assigned IT. This includes the following related to maintaining situational awareness and initiating actions to improve or restore cybersecurity posture:
- Reviews and monitors security controls required to obtain an Authority to Operate (ATO) for assigned systems.
- Develops tests and operates firewalls intrusion detection systems enterprise anti-virus systems and software deployment tools
- Conducts investigations of computer security violations and incidents reporting as necessary to management
- Researches evaluates tests recommends communicates and implements new security software or devices
- Safeguards the network against unauthorized infiltration modification destruction or disclosure
- Completes and maintains required cybersecurity certification IAW AFMAN 17-1303.
- Implements and enforces all AF cybersecurity policies procedures and countermeasures.
- Ensures all users have the requisite security clearances and need-to-know complete annual cybersecurity training and are aware of their responsibilities before being granted access to the IT according to AFMAN 17-1301;
- Maintains all authorized user access control documentation IAW the applicable AF Records Information Management System.
- Ensures software hardware and firmware complies with appropriate security configuration guidelines e.g. security technical implementation guides/security requirement guides.
- Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.
- Coordinates changes or modifications with the system-level ISSM SCA and/or the Wing Cybersecurity office; and
- Reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203 Cyber Incident Handling.
Requirements
Required Qualifications:
- Education
- Bachelors Degree in a related field and 6years of experience in the respective technical/professional discipline being performed.
- OR 10years ofrelated cybersecurityexperience with proper certification.
- Specific Work Experience
- Extensive knowledge and proficiency with the Risk Management Framework (RMF) and in accomplishing the 6-steps of the RMF process
- Experience with developing test scripts and answering security controls in eMASS
- Expert knowledge and proficiency with Cybersecurity best practices
- Expert knowledge and understanding of Federal and DoD Cybersecurity regulations and policies
- Experience with the implementation of new IT/Business System technologies to include but not limited to Cloud Infrastructure and Enterprise Resource and Planning (ERP) systems.
- Must have experience with NIST SP 800-53 Security controls and the understanding of control implementations.
- Must be willing to learn and use cybersecurity testing tools.
- Certifications
- At a minimum the successful candidate will meet the requirements IAW the DoD Cyber Workforce Framework (DCWF) foundational requirements to obtain and sustain a cybersecurity certification In accordance with DAFMAN 17-1305 DAF Cyberspace Worforce Management Program and must have and maintain one of the following Advanced ISSM certifications:
- Certified Information Security Manager (CISM by ISACA) (Preferred)
- Certified Information System Security Professional (CISSP by ISC2) (Preferred)
- Certified Information Systems Security Officer (CISSO by UAT)
- Federal IT Security Professional-Manager-NG (FITSP-M by FITSI)
- GIAC Certified Incident Handler (GCHI by GIAC)
- GIAC Certified Intrusion Analyst (GCIA by GIAC)
- GIAC Cloud Security Automation (GCSA by GIAC)
- GIAC Security Leadership Certification (GSLC by GIAC)
- Global Industrial Cyber Security Professional (GICSP by GIAC)
- At a minimum the successful candidate will meet the requirements IAW the DoD Cyber Workforce Framework (DCWF) foundational requirements to obtain and sustain a cybersecurity certification In accordance with DAFMAN 17-1305 DAF Cyberspace Worforce Management Program and must have and maintain one of the following Advanced ISSM certifications:
- Security Clearance
- Ability to obtain and maintain a DoD Secret Security Clearance.
- U.S. Citizenship required.
Preferred Qualifications:
- The following skills are highly desirable but not required for this position:
- Agile principles methodologies and enabling technologies e.g. CheckMarx SonarQube Fortify Jira Confluence Kanban Scrum Jira Jenkins and Bitbucket.
U.S. Citizenship Required for this Position:Yes
Job Type:Regular
Security Clearance: Secret
Schedule: M-F; 8-5
Work Location: Randolph AFB Texas
Travel:Yes 0-10%
Relocation Assistance Available: No
Position Contingent Upon Award of Contract: No
Benefits:
Torch Technologies is proud to offer a stable and professional work environment a competitive salary and an excellent comprehensive benefit package including: ESOP participation 401(k) match and safe-harbor contribution medical dental vision life insurance short-term disability long-term disability flexible spending accounts Health Saving Accounts and Health Reimbursement Accounts EAP education assistance paid time off and holidays.
Applying to Torch Technologies:
Only those candidates invited for an interview will be contacted. Employment at Torch Technologies is contingent upon the successful completion of a comprehensive background check.
#LI-EW1
Employment Type
Full Time
