Corporate Information System Security Manager (ISSM)

Corporate Information System Security Manager (ISSM)

Company Overview:

KODA is a people-first company recognized as a five-time winner of Huntsvilles Best Places to Work Award certified as a Great Place to Work and a Best Place for Working Parents. KODA is a small business focused on solving complex engineering problems on national-priority projects in domains such as missile defense hypersonics DOD space and civil space.

Our expertise spans Radar and Missile Development Multi-Domain Operations Flight and Ground Test Planning and Execution Tactical Data Link Testing Test Range Instrumentation Systems Engineering and Integration Model and Simulation Development and Digital Engineering/Model-Based Systems Engineering.

The name KODA a Native American word meaning allies embodies our dedication to our customers and each other. Trust and integrity guide us in all we do. We prioritize our people support national-priority missions and give back to our community through the KODA Cares program. We offer competitive compensation excellent benefits and a commitment to professional growth. Join us and learn more at .

Position Overview:

KODA Technologies Inc. is seeking a full-time Corporate Information System Security Manager (ISSM) to oversee the implementation and continuous monitoring of the Risk Management Framework (RMF) and Cybersecurity Maturity Model Certification (CMMC) of KODAs Classified Information System and Corporate Information System.

Duties/Responsibilities:

• Oversee and manage the risk posture of the KODA classified AIS in accordance with the NIST 800-37 Risk Management Framework (RMF) process working directly with Defense Counterintelligence & Security Agency (DCSA) Information System Security Professional (ISSP) to develop and implement the required strategy utilizing NIST 800-53 to accomplish KODAs missions.
• Maintain and monitor KODAs Cybersecurity Maturity Model Certification (CMMC) Level 2 certification in accordance with NIST 800-171 and DFARS 252.204-7012.
• Chair KODAs RMF and CMMC Configuration Control Boards (CCB) and make risk determinations supporting KODAs current risk posture as defined by current authorizations.
• Maintain KODAs RMF and CMMC Continuous Monitoring (ConMon) Plans to maintain system accreditation compliance.
• Develop and implement Plan of Action & Milestones (POA&M).
• Work collaboratively with System Administrators to conduct Cyber Security (CS) Risk Assessment Reports (RAR) to develop mitigation remediation and monitoring strategies in compliance with National Industrial Security Program Operating Manual (NISPOM 32 CFR Part 117) and DCSA Assessment and Authorization Guide (DAAG).
• Implement all applicable controls associated with obtaining and maintaining RMF Authorities to Operate (ATO) IAW NIST 800-37.
• Manage and report DCSA required RMF efforts to DCSA Information Systems Security Professional (ISSP) and Security Control Assessor (SCA).
• Provide recommendations to the Senior Information Systems Officer (SISO) associated project Team Leads and Facility Security Officer (FSO) for process enhancements for DCSA-accredited IS.
• Assist the SISO and FSO in the effective implementation assessment improvement and management of the KODA Security Program.
• Act as the liaison between KODA Leadership and the corporate IT and Cybersecurity Managed Service Providers regarding vulnerability scanning mitigations risk acceptance and overall system security posture.
• Support KODAs oversight and performance of other corporate computing efforts as needed including monitoring of Help Desk ticket status new hire IT onboarding system administration and inventory of KODA and government-furnished property.

Requirments:

• Two-year or Four-year degree in Computer Engineering Computer Science Information Systems Security/Assurance or related field.
• 4 years of ISSO experience or 2 years of ISSM experience.
• 4 years of Microsoft operating systems administration experience.
• 2 years of experience with Assessment & Authorization (A&A) responsibilities including ISSO ISSM policy development control testing POA&M management and configuration management.
• Ability to obtain and maintain DoD 8140 IAM II certification
• Experience with working with DoD tools including Enterprise Mission Assurance Support Service (eMASS) SCAP DISA STIGs and other monitoring tools.
• Experience with performing cybersecurity compliance standards including NIST Controls and DISA STIGS.
• Experience with Systems Administration Information Systems Auditing Data Security Analysis and/or Network Administration.
• Experience with Microsoft Office products.
• Strong organizational analytical and problem-solving skills.
• Solid communication skills both in written verbal and interpersonal skills.
• Ability to self-prioritize tasking and work multiple projects in tandem while meeting mission objectives and strict timelines.
• Ability to develop and maintain effective working relationships across the organization.
• Willingness to jump in and support various diverse IT-related tasks when needed to support the mission.

Clearance:

• Active Secret Clearance

KODA Technologies Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race color religion age sex gender identity sexual orientation pregnancy status as a parent national origin disability (physical or mental) family medical history or genetic information political affiliation military service or other non-merit based factors. If you are unable to complete this application due to a disability contact to ask for an accommodation or an alternative application process.

Required Experience:

Manager