Information Systems Security Manager (ISSM)Location: Beavercreek, Ohio Categories: Cybersecurity Req ID: 2023-7261 Potential to Telecommute: No
MTSI is a 100% employee owned by more than 1,300 engineers, analysts, and professionals dedicated to providing high caliber services to aerospace and defense and intelligence customers across the US. We are always looking for the best to join us as we grow.
Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry. Eligible new co-workers start accruing PTO at a rate of 20 days/year, 10 holidays/year, 6% 401k match with immediate vesting, semi-annual bonuses, and eligibility to participate in our company funded Employee Stock Ownership Plan (ESOP). We offer other employee focused benefits, including up to $10k in annual tuition reimbursement and an optional zero dollar deductible BCBS health insurance plan.
For additional company information, please visit: http://www.mtsi-va.com/
• Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
• Generate and maintain required Information System (IS) security documentation including Systems Security Plans (SSP), Information Assurance Standard Operating Procedures (IA SOP), Continuous Monitoring Plans, Security Control Traceability Matrices (SCTM), Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices and procedures
• Assume Information System Security Officer (ISSO) responsibilities in their absence
• Maintain customer-required Information Assurance (IA) certifications
• Maintain day-to-day security posture and continuous monitoring of classified Information Systems
• Coordinate with customers on approval of external information systems/guest systems
• Schedule, perform and maintain records of required IS auditing, patching, maintenance, software/hardware changes, and scanning based on evolving threat/vulnerabilities and customer compliance requirements
• Develop and conduct test procedures for verification of Authorization and Accreditation (A&A) and/or Risk Management Framework (RMF) safeguards to meet customer requirements based upon JSIG, ICD 705, NIST 800-53, NIST 800-53a, NIST 800-171 & CNSSI 1253
• Evaluate threats and vulnerabilities to determine the need for supplementary safeguards (e.g. architecture, firewall, data flow, network access, etc.)
• Employ customer-approved procedures for sanitizing and releasing system components and media
• Ensure all IS security-related documentation is current and accessible to properly authorized individuals
• Conduct periodic reviews to ensure compliance with SSP
• Be knowledgeable of and comprehend customer Security Classification Guides (SCG) to determine classified system requirements
• Enforce Configuration Management (CM) policies and procedures for authorizing the use of hardware/software on an IS
• Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented
• Assess proposed changes to customer information systems, their environment of operation, and mission needs that could affect system authorization.
• Maintain a working knowledge of IS functions, security policies, technical security safeguards, and operational security measures
• Coordinate with Program Security Officer (PSO), Contractor Program Security Officer (CPSO) and/or Government SAP Security Officer (GSSO) to define, implement and maintain information security policies, strategies, and procedures Implement policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents
• Formally notify the appropriate individuals when changes occur that might affect accreditation
• Ensure the development, documentation, and presentation of classified IS security education, awareness, and training activities
• Provide mentoring and leadership to supporting ISSOs
• Familiarity with enterprise-level networks and Information Systems
• Knowledge of DevSecOps policies and procedures including Continuous Integration / Continuous Development (CI/CD) pipelines
• Bachelor’s degree in Computer Science, Information Assurance, Information Security or related field. Desired Master's degree in Computer Science, IT Management, Cybersecurity or Information Assurance
• Six (6) years of experience working in an IA-related field
• Four (4) years of additional experience may be substituted for a bachelor’s degree
• CompTIA Security+ Certification
• (ISC)2 CAP - Certified Authorization Professional Certification
• Desired: (ISC)2 CISSP - Certified Information Systems Security Professional Certification
• Experience with A&A documentation and system authorization artifacts for Special Access Program (SAP) and Secure Compartmentalized Information (SCI) systems
• Knowledge of federal security requirements and mandates (e.g., RMF, Federal Information Processing Standards (FIPS), National Standards of Information Technology (NIST))
• Experience with security architectures, firewalls and network access
• Experience with risk managed downloads / Assured File Transfers (AFTs), IS sanitization and destruction, PEDs, contaminations, incident response, virus scanning, privileged user access, and hardware/software configuration management
• Excellent oral and written communication skills
• Strong customer service skills; being able to work with personnel across multiple disciplines of the organization
• Strong organizational skills and ability to manage multiple tasks concurrently
• Excellent time management, scheduling, and organizational skills
• Ability to work well independently as well as follow detailed instructions for completing tasks
• Working knowledge of development tools such as GitLab, Artifactory, JIRA & Sonarqube
• Must possess an active Top Secret security clearance. Duties will require unescorted entry and work within classified SAP and SCI facilities. 100% onsite in the customer’s facilities
• Desired to have 12 months or more of experience in a SAP environment within the last 5 years
Please Note: U.S. Citizenship is required for this position, due to contract requirements.
• Travel: Position requires up to 10% travel to CONUS areas.
Opportunities at MTSI
- Joint Simulation Environment - Deputy to the Chief Engineer Edwards Air Force Base,California 02/01/2023
- System Engineering Assurance Engineer Fort Belvoir,Virginia 02/03/2023
- Senior Budget Analyst Huntsville,Alabama 02/03/2023
MTSI maintains an outstanding work environment that includes competitive compensation, outstanding benefits, the opportunity to be an employee-owner, and challenging work assignments with significant opportunities for advancement/career growth. To be considered for employment opportunities at MTSI, you must complete an online application.
EEO Statement: MTSI embraces nine core values including our first core value of Employees come first. Consistent with our Core Values, we are committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, military/veteran status, disability, or any other characteristics protected by law. MTSI is committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with MTSI and need special assistance or accommodation to use our website or to apply for a position, please send an e-mail with your request to email@example.com. Determination on requests for reasonable accommodation is made on a case-by-case basis.
MTSI posts all open positions of employment here on our official website Careers page. MTSI Recruiters will always make direct personal contact with candidates by either speaking directly via telephone call, face-to-face video conference, or in-person, and will never conduct interviews or extend offers of employment via text or using messaging applications. If you believe you may be the victim of employment fraud, we encourage you to contact the Federal Trade Commission (FTC) thru their website: reportfraud.ftc.gov.