Information System Security Manager (ISSM)

Job Title: Information System Security Manager 

Job Category: IT 

Location: Remote 

Clearance: Active DoD Secret Clearance

About SHR

SHR is a premier technology integrator solving our nation’s most complex modernization and readiness challenges across the defense, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and AI. With an intimate understanding of our customers’ challenges and deep expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. 

Position Overview

The Information Systems Security Manager (ISSM) is responsible for the Risk Management Framework (RMF) authorization of assigned Information Systems (IS). Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan. Conduct periodic assessments of authorized systems and ensure corrective actions for all identified findings and vulnerabilities are addressed in a timely manner. Assume responsibility for all RMF continuous monitoring activities for authorized systems, including periodic analysis of collected audit records and system vulnerability management cycle. Monitor system incident recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure user activity monitoring data is analyzed, stored, and protected in accordance with our program policies and procedures and execute a strong continuous monitoring strategy.

Job Responsibilities: 

• Develop and maintain information system security implementation policy and guidelines of network security using the Risk Management Framework (RMF) and other relevant industry and governmental standards.
• Prepare and review Authorization to Operate (ATO) documentation to include System Security Plans (SSPs), the Plan of Action and Milestones (POA&M), Risk Assessment Reports, Assessment and Authorization (A&A) packages, and security control implementations.
• Ability to successfully interface with other teams, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel, and government security representatives.
• Review and create mitigation reports from compliance and vulnerability scanning tools (Nessus, SCAP, ACAS, SCC, etc.).
• Coordinate with Security Control Assessor (SCA) and Authorizing Official (AO) on approval of external information systems (e.g. interconnected system with another organization).
• Ensure approved procedures are used for sanitizing and releasing system components and media.
• Maintain a repository of all security authorizations for program systems.
• Ensure proper measures are taken when an IS incident or vulnerability is discovered.
• Ensure CM policies and procedures for authorizing the use of hardware/software are followed.

Experience: 

• Must have 5 years of experience 

Certifications:

 Why Join Us: 

At SHR, you will join a team that fosters growth, supports innovation, and encourages continuous learning. You’ll have the opportunity to impact significant government initiatives and contribute to national security and public welfare. We offer:

• Competitive compensation.
• Comprehensive benefits.
• Flexible work environment.

SHR is committed to diversity and inclusion, welcoming applicants from all backgrounds. Join us and make a difference!

.