Information Systems Security Manager
Description:
Job Description
eTRANSERVICES offers exciting employment opportunities for individuals looking for a dynamic, fast-paced, growth-oriented work environment with a developmental career path. You will find a place where other people share your drive, motivation, and passion to make a real impact on the future of the company. As a member of our team, you will be instrumental in the delivery of (1) Systems Engineering Services; (2) Information Technology Services; (3) Cybersecurity Services; (4) Cloud Services; (5) Business Services and (6) Products. As a high-growth company, expectations are high, as are the rewards for hard work and results. We are committed to our employees, our clients, the quality of our services and products, along with the continued dedication to our growth strategy.
Benefits: Health Insurance. Paid time off. Paid Community Service time. Paid Federal Holidays. Education & Tuition Reimbursement. 401(k) Matching. Training and Education. We continue to expand our benefits and programs, offering some of the best support, guidance, and coverage for a diverse employee population.
Position: ISSM (Information Systems Security Manager) / Cyber Team Lead
[Requisition: 202309357]
Location: Ft. Eustis, VA (Hybrid)
Clearance Required: Candidate must be a US Citizen, and have at least a SECRET clearance.
Job Description:
· Leads the strategic initiative to ensure the application of STIGS across the network, servers, on-premise, and cloud environments.
· Directs the overarching strategy for Cybersecurity Engineering, Information Assurance, vulnerability analysis, risk remediation, and the establishment of cybersecurity controls in line with DoD system specifications and policies.
· Champions the implementation of the DoD Risk Management Framework (RMF) to bolster Assessment and Authorization (A&A) across DoD network environments. This leadership role involves engaging with system stakeholders to craft comprehensive system security plans (SSPs), contingency plans, and other pivotal documentation.
· Oversees the assembly and submission of A&A packages for IA Security Control Assessor (SCA) evaluation and feedback.
· Guides the utilization of tools like eMASS (Enterprise Mission Assurance Support Service) and ACAS (Assured Compliance Assessment Solution) Security Center for A&A management, ensuring thorough analysis and system security.
· Fosters a collaborative environment, working hand-in-hand with system owners and operators to address SCA findings and pinpoint, execute, and document mitigating controls.
· Drives the Professional Development of the team, ensuring that each member is equipped with the latest technical knowledge and certifications relevant to their roles.
· Orchestrates the Synergy of diverse technical talents, ensuring that the team's combined expertise is leveraged to its fullest potential.
· Supervises the Execution of complex technical projects, ensuring that deliverables meet the highest standards of quality and efficiency.
· Steers the Integration of tools and platforms, ensuring that the team utilizes the best resources for optimal performance and results.
· Schedule and oversee periodic security reviews of the Azure environment to ensure sustained compliance and address evolving threats.
· Cultivates a Culture of open communication and continuous feedback, promoting a collaborative atmosphere where technical experts can thrive and innovate.
· Reviews and updates the Plan of Action and Milestones (POA&M) regularly, addressing any identified vulnerabilities or compliance gaps within the Azure environment.
· Coordinates with teams on the collection and analysis of security-related telemetry data within Azure Sentinel, ensuring that all RMF monitoring requirements are met.
· Works with Configuration Management to ensure the creation and updating of the Hardware/Software (HW/SW) list, ensuring all components within our Azure environment are documented and compliant with RMF standards.
· Working with Configuration Management on versioning and release control that ensures all proper security controls and countermeasures are in place before release into the cyber terrain for operations.
· Has full knowledge and understanding of the process and tools in the Agile Scrum methodology to include the Application Development Life Cycle Process, Sprint Cycles, and the requirements for Flaw identification using SonarQube for code verification.
· Can work with and engage development engineers and teams on way forward on moderate and complex solutions to issues that arise concerning cybersecurity requirements during those cycle.
· Can utilize Azure DEVOPS toolset in order to work with multiple teams during the initiating, planning, and execution of the build of applications that will be moving into a cloud environment.
Education: Minimum of a 4-year college degree in a related field
Experience: 10 years with MA/MS or 12 years with BA/BS
Certifications:
(1) Meet DoD 8570.01M Baseline Certification Requirement and DoD Summary of IA Qualification Requirements: IAM Level II (Must possess one of the following certifications in good standing: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, or CCISO). – [REQUIRED]
(2) Industry Certification: DISA ACAS 5.3 or greater [PREFERRED]
(3) CSSP Incident Responder Certification: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+, GCFA, GCIH, SCYBER, PenTest+ - [PREFERRED]
Clearance Required: Candidate must be a US Citizen, and have at least a SECRET clearance.
EEO Statement:
eTRANSERVICES is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, among other things, or status as a qualified individual with a disability.
EOE AA M/F/Vet/Disability
Please notify Human Resources if you need an accommodation to participate in the application or interview process.
Description
eTRANSERVICES provides enterprise TRANsformational SERVICES to our U.S. federal government and for state and local agency clients by helping them solve their business and technology challenges with innovative thinking, repeatable processes, and outcome-based solutions while leveraging the appropriate technologies. Our outcomes enable our clients to save money, increase efficiency, effectiveness, and contribute towards the greater enterprise using our franchised methodology for service delivery.
Our core competencies are (1) Systems Engineering & Integration Services; (2) Information Technology Services; (3) Information Assurance & Cyber Security Services; (4) Cloud Services; (5) Business Services and (6) Products.