Information Systems Security Manager

Ensures adherence to application security in all phases of the software development life cycle.

Collaborates with team members and acts as an expert resource to define application security best practices, performs software architecture and design reviews, and supports the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms.

Serves as the expert in all matters related to Cyber Security Engineer, mentoring and coaching junior team members.

+ Develops security procedures and methods to ensure the safety of information systems and to protect the system from intentional (unauthorized) or accidental (inadvertent) access or destruction.

+ Adept at integrating cybersecurity best practices + Engineers, implements and monitors security measures for the protection of computer systems, networks and information.

Documents and implements Standard Operating Procedures (SOPs). + Leads highly technical project teams through each phase of System Engineering Lifecycle to deliver capabilities in accordance with program/project provided functional requirements.

+ Defines, maintains, and enforces application security best practices.

Identifies opportunities for process improvements and leads efforts implement.

+ Leads reverse engineering of systems exploitations to include computer forensics, and analysis of binaries, assembly language, source code and/or malicious logic code.

+ Writes comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.

+ Identifies additional application security related tools, conducts tool analysis, and provides recommendations on what tools will enhance security protocols.

+ Performs and conducts penetration tests and manual/automated code reviews.

+ Serves as an expert resource in the development of training for developers and other relevant team members on Secure Code Development as well as other security protocols.

+ Designs, develops or recommends integrated system solutions ensuring proprietary/confidential data and systems are protected.

Minimum Qualifications + Bacheloru2019s Degree in Computer Science or a related field, Masters preferred + 12+ years of experience in systems security, cybersecurity, or related + CISSP/CISM preferred + TS/SCI clearance is required + Security+ or other DoD 8180 compliant certification Other Job Specific Skills + Manage and develop artifacts as part of a government authorization to operate.

+ Develop and integrate cybersecurity best practices for Kubernetes clusters and DevOps pipelines.

+ Create and update artifacts (e.g., SSP, hardware/software lists, PPSM, SCTM). + Maintain communication with project leaders on the implementation of security controls and policy enforcement.

+ Engage with the security control assessors.

+ Support the implementation of technologies into the CI/CD processes and systems to establish secure-by-default standards for developed solutions.

+ Evaluate, develop and/or implement information assurance guidelines and procedures as required.

+ Recommend security solution mitigations and enhancements supporting information assurance guidelines and customer requirements.

+ Perform vulnerability/risk analysis of computer systems and applications during all phases of the system development life cycle.

+ Provide input into an audit and accountability plan containing methods, procedures, and planned reviews for the continuing accreditation.

+ Ensure that all information systems meet or exceed compliance requirements.

+ Identify, report, and ensure the resolution of security violations.

+ Monitor and review the regular updates/upgrades to equipment and procedures to maintain pace with information assurance requirements and business needs.

+ Experience using Kubernetes clusters and DevOps pipelines Compensation Ranges Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience.

The compensation displayed for this role is a general guideline based on these factors and is unique to each role.

Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

EEO Requirements It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions.

We affirm our commitment to these fundamental policies.

All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age.

All decisions on employment are made to abide by the principle of equal employment.

Physical Requirements The physical requirements described in