Description
The Systems Security Lead is responsible for applying security principles, practices, and procedures under the RMF to maintain compliance with applicable security regulations, such as CNSSI, NIST, and National Industrial Security Program Operating Manual (NISPOM), governing the management of classified information systems. Functions of this role include identifying security control requirements; developing and updating system security plans; managing and controlling changes to specific systems, assessing the security impact of those changes, and maintaining system security configuration; supporting achievement of Authorization to Test (ATT) and ATO for the Government’s information systems; working with the Government’s security section to streamline ATT and ATO activities; directly or indirectly implementing, monitoring/auditing, and reporting compliance with security controls; preparing and completing action plans; providing security-related training and guidance; and implementing security-related change.
Primary Responsibilities
The Systems Security Lead is responsible for supporting the application of security principles, practices, and procedures under the RMF to maintain compliance with applicable security regulations, such as CNSSI, NIST, and National Industrial Security Program Operating Manual (NISPOM), governing the management of classified information systems. The Lead will be responsible for leading and assigning portfolio accounts task to a skilled team of InfoSec Security Engineers and Security Systems Engineers. The lead will support the mentoring of direct hires and provide security-related guidance on established protocols and standards.
Basic Qualifications
• A minimum of a Bachelor’s Degree in Engineering, Computer Science, Information Science, or related technical field.
• A minimum of one of the following or related certifications:
i. Information Systems Audit and Control Association (ISACA) Certified Information Security Manager (CISM) certification.
International Information Systems Security Certification Consortium (ISC2) Certified Information Systems Security Professional (CISSP) certification.
Global Information Assurance Certification (GIAC) Security Essentials Certification (GSEC).
iv. GIAC Security Leadership Certification (GSLC).
A minimum of five years of information security, information assurance, cyber security field, and/or other related work experience.
• Experience monitoring NISPOM requirements, security frameworks, and other relevant security regulations.
• Experience supervising others.
Candidates must have a BS and at least 5+ years of prior relevant experience or a Masters with 3+ years of prior relevant experience.
Candidate must have an active TS/SCI with polygraph.
Preferred Qualifications
|
