Information Systems Security Manager

About the Team:

The Security team at STR is comprised of highly skilled professionals who are responsible for maintaining compliance with Government protocol and directives.

The Classified Cybersecurity (CCS) team consists of a collaborative group of ISSMs ISSOs and ISSEs who are passionate about national security and take great pride in maintaining Confidentiality Integrity and Availability of our Information Systems and enable execution of STRs portfolio of programs across a vast customer base.

The Role:

STR has an exciting opportunity for a well-rounded cybersecurity professional to join our Cybersecurity/Risk Management Framework (RMF) program as a key contributor for classified programs.

The ISSM is responsible for compliance oversight assessment and operations of systems under their this dynamic position you will interface and collaborate with other Cybersecurity professionals (ISSOs ISSEs) Security professionals (CSSOs FSOs) and System Administrators on overall compliance and configuration change management.

Please notethis is not a remote role and requires you to be onsite.

Responsibilities:

• Responsible for the Cybersecurity program as stipulated by various US Government requirements including (but not limited to): Joint Special Access Implementation Guide (JSIG) Intelligence Community Directive (ICD) 503 DCSA Assessment and Authorization Guide (DAAG) and the National Industrial Security Operating Manual (NISPOM).
• Perform Assessment and Authorization (A&A) activities including testing of security controls and preparing/maintaining documentation such as: Standard Operating Procedures (SOP) System Security Plan (SSP) Risk Assessment Report (RAR) Security Controls Traceability Matrix (SCTM) Plan of Action and Milestones (POA&M) reports etc.
• Maintain thorough understanding of NIST SP800-53 controls determines controls applicable to the application and documents control implementation in the SCTM.
• Manage and maintain Continuous Monitoring (ConMon) of assigned networks by performing periodic self-inspections tests and technical reviews to ensure workstations and servers operate as authorized and accredited.
• Coordinate with program and project stakeholders Cybersecurity staff (including other ISSMs ISSOs and ISSEs) the Facility Security Officer (FSO) the Contractor Special Security Officer (CSSO) and other Security and IT team members to define implement and maintain an acceptable information systems security posture.
• Responsible for security sustainment activities including (but not limited to): hardware change management software change management account management media protection user interface file transfers etc.
• Assists the FSO CSSO and Computer Incident Response Team (CIRT) in data spill incident response.
• Perform other tasks as assigned by manager.

Who you Are:

• Security Clearance: Active Top Secret security clearance with the ability to obtain SAP and SCI access (U.S. citizenship required).
• Certification: DoD 8140/8570 IAM Level III certification (CISM CISSP etc.).
• Experience:
  • 3-5 years as an ISSM implementing JSIG DAAG and/or ICD 503 IS requirements.
  • Previous security experience in a SAP/SCI environment.
  • Experience with configuration certification and auditing/analysis of Windows/Linux operating systems in Peer-to-peer LAN and WAN network environments.
• Skills and Knowledge:
  • Familiarity with vulnerability compliance and audit tools (Nessus SCAP Splunk etc.).
  • Understanding of authorization/accreditation databases (eMASS Xacta SNOW etc.).
  • Excellent communication skills.
  • Strong critical thinking and problem-solving skills.
  • Detail-oriented and self-motivated.
  • Ability to effectively prioritize multiple projects.
  • Strong customer service skills.
  • Ability to work well in a team environment and adapt to changing project priorities.

Pay Information
Full-Time Salary Range: $136k - $175k

The salary range listed is based on external market data. Offers are based on factors such as but not limited to the candidates experience education training key skills/critical skills security clearances and prevailing market and business conditions.

STR is a growing technology company with locations near Boston MA Arlington VA near Dayton OH Melbourne FL and Carlsbad CA. We specialize in advanced research and development for defense intelligence and national security in: cyber; next generation sensors radar sonar communications and electronic warfare; and artificial intelligence algorithms and analytics to make sense of the complexity that is exploding around us.

STRis committed to creating a collaborative learning environment that supports deep technical understanding and recognizes the contributions and achievements of all team members. Our work is challenging and we go home at night knowing that we pushed the envelope of technology and made the world safer.

STR is not just any company. Our people culture and attitude along with their unique set of skills experiences and perspectives put us on a trajectory to change the world. We cant do it alone though - we need fellow trailblazers. If you are one join our team and help to keep our society safe! Visit us more info.

STRis an equal opportunity employer. We are fully dedicated to hiring the most qualified candidate regardless of race color religion sex (including gender identity sexual orientation and pregnancy) marital status national origin age veteran status disability genetic information or any other characteristic protected by federal state or local laws.

If you need a reasonable accommodation for any portion of the employment process email us atand provide your contact info.

Pursuant to applicable federal law and regulations positions at STR require employees to obtain national security clearances and satisfy the requirements for compliance with export control and other applicable laws.