RockvilleMDRecruiter Since 2001
the smart solution for Rockville jobs

Information System Security Manager (ISSM)

Company: BAE Systems
Location: Rockville
Posted on: June 18, 2022

Job Description:

Join BAE Systems' Intelligence and Security sector and be a part of a team that enables our employees to support our customers and their missions. We are seeking an Information System Security Manager (ISSM) to join the security team in our Rockville, MD facility. The ISSM is the primary point of contact between the organization and the Cognizant Security Agency (CSA) on all aspects of Information Technology (IT) systems; security, risk management, assessment, and authorization. The ISSM is responsible for ensuring security principles, procedures, and practices under the Risk Management Framework (RMF) are applied to information system. As an ISSM you will work in coordination with Senior Security Management, Customer Representatives, Program Managers, Information System Security Officers (ISSO), and System Administrators (SA) to maintain a strong information security posture. Your work will ensure information systems maintain compliance with applicable security directives and standards, such as ICD 503, NIST, CNSSI, NISPOM, DAAPM.

The site ISSM is as a member of the corporate security team and may be called-on to assist the team with other security related duties, such as self-inspections, investigations, user-training, interpreting & applying corporate policy, etc. In the future the Sterling ISSM may become a direct supervisor of Information System Security Officers (ISSO).

The BAE Systems' Rockville facility is located near the intersection of Interstate 270 and Shady Grove Road. The facility is also near the Shady Grove Metro station.

Occasional local travel may be required for work or training purposes - less than 5%.

The responsibilities of an ISSM include, but aren't necessarily limited to:
Manage Information Assurance Program at the BAE Systems' Sterling, VA facility
Act as primary point of contact with multiple CSAs on information and IT system security matters
Protect information systems and data from threats and vulnerabilities
Create and maintain system security documentation using Enterprise Mission Assurance Support Service (eMASS)
Develop policies, procedures, and work instructions that detail how system security is implemented and maintained
Implement, maintain, and monitor security controls
Achieve and maintain Authorization to Operate classified information systems
Assess technical and non-technical threats and mitigate vulnerabilities
Review ACAS vulnerability scans, assess results, and mitigate findings
Provide security related guidance to colleagues
Maintain eligibility for personnel security clearance
Perform other duties as assigned
For an extensive list of responsibilities and tasks that may be associated with the ISSM role, refer to the DCSA Assessment and Authorization Process Manual (DAAPM) or visit the DHS Cybersecurity & Infrastructure Security Agency (CISA) Cyber Jobs Glossary

Required Education, Experience, & Skills
Required Education & Experience:
8+ years relevant technical or security experience with a Bachelor's or Master's degree in a related field
15+ years relevant technical or security experience with some or no college and relevant certifications
Required Certification:
The candidate must hold an IAM Level 2, DoD 8570.01-M compliant certification (i.e. CAP, CASP+ CE, CISSP, GSLC, CCISO, or HCISSP).

Required Security Clearance:
Active Secret Clearance and ability to obtain a Top Secret clearance.

Required Skills & Experience:
A qualified candidate for this position must have the ability to:
Communicate clearly and concisely verbally and in writing
Listen and ask clarifying questions as needed
Speak in small and large group settings
Draft clear, concise, and grammatically correct documentation
Maintain complete and organized records
Set and self-manage professional development & education goals
Ability to prioritize competing demands and complete tasks on schedule

A qualified candidate for this position must have experience with or an understanding of:
The RMF process
NIST 800 series, NISPOM Chapter 8, DAAPM, and related publications
Requirements gathering, designing, and implementing IT Systems
Drafting System Security Plans (SSP) and other Body of Evidence (BOE) documentation in support of an authorization package, such as boundary diagrams, operating procedures, etc.
Implementing and monitoring technical, administrative, and operational security controls
Performing risk assessment and risk mitigation for classified IT systems
The Assessment and Authorization (A&A) process
Collaborating with CSA representatives to maintain open communication
Using network/system scanning tools and interpreting results
Using Security Information and Event Management (SIEM) software
Security incident management
Security education, awareness, and training

Preferred Education, Experience, & Skills
In addition to the required skills for this position, a successful candidate will demonstrate some combination of knowledge, training, and hands-on experience with/in:
The DoD community
DoD community networks
Other documentation process tools, such as Xacta
As an [assistant] FSO, CSSO, or CPSO
CNSSI 1253
Penetration testing
Vulnerability Analysis
Critical Incident Response
COMSEC procedures
Network design and network device configuration
Hardware and software vendors
Virtualized environments & virtualization technologies
Cloud Security concepts
McAfee Host Based Security System (HBSS) ePolicy Orchestrator (ePO)
CUI protection guidelines
Insider Threat Programs

About BAE Systems Intelligence & Security
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.

Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.

Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.

Keywords: BAE Systems, Rockville , Information System Security Manager (ISSM), Executive , Rockville, Maryland

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Maryland jobs by following @recnetMD on Twitter!

Rockville RSS job feeds