Information System Security Manager
At Whitman, Requardt & Associates, LLP, we are People Focused and Project Driven. We have been in business for more than 105 years and we are known for our quality work and quality employees. This is your chance to join our team - help us to design the infrastructure and buildings that improve the world!
Are you passionate about protecting information systems, ensuring compliance with security standards, and have an active DoD Top Secret/SCI clearance? Do you have the skills and experience to oversee the Authorization and Accreditation (A&A) of multiple government sponsored systems and local facilities? Do you want to join a team of People Focused and Project Driven professionals who design the infrastructure and buildings that improve the world? If you answered yes to these questions, then Whitman, Requardt and Associates, LLP (WRA) is the place for you!
WRA is a leading engineering and architecture firm with more than 105 years of history and a reputation for quality work and quality employees.
As an ISSM at WRA, you will be responsible for carrying out Information Assurance activities in support of multiple classified environments and maintaining relationships with multiple government sponsors. You will also ensure overall system compliance with the Risk Management Framework (RMF) and associated policy, procedures, guidelines, and other system-related artifacts.
You will apply your expertise in security features, products, and procedures to ensure operational system authorization and accreditation. You will also use commercial off-the-shelf (COTS) tools such as Nessus and Splunk to assess and mitigate system vulnerabilities and perform audits as part of continuous monitoring.
This is an onsite position in our Baltimore, MD office
Responsibilities:
- Develop and maintain multiple classified Information Systems (IS) Security Programs
- Review, prepare, and update Authority-to-Operate (ATO) packages in accordance with RMF requirements and customer specific policy, procedures, and guidelines
- Identify, communicate, and coordinates changes that might affect IS Security Authorization status with government sponsors (IA, SCA, etc.) & stakeholders
- Perform routine self-inspections, continuous monitoring, and reviews of system test plans
- Scan for and identify system vulnerabilities and work with technical subject-matter experts (SME) to identify and implement countermeasures
- Contribute to various technical review and inspection teams
- Coordinate, prepare, and track system inspections, reports, and responses
- Conduct manual SRG/STIG checklists and remediation.
- Maintain IS security records and support the development of technical documentation which may include Interconnection Security Agreements (ISA) / Memorandums of Understanding (MOU), System Security Plans (SSP), etc
- Prepare reports on the status of security controls and safeguards applied to computer systems.
- Ensure information systems are operated, maintained, and disposed of in accordance with established security policies, procedures, standards, and guidelines
- Develop, deliver, and monitor compliance with information system security trainings as necessary
- Provide leadership, mentoring, and quality assurance for team members as a cybersecurity expert
Requirements:
- Associates degree and 7
years of experience in IT and cybersecurity or Bachelors degree and 3
years of experience in IT and cybersecurity - Security
or equivalent certification required - Familiarity with e-MASS, NIST 800-53 and supporting classified environments
- The ability to work in a dynamic environment and efficiently interact with various government entities, government/civilian personnel, and industry partners
- Comfortable working hands-on with networks, computers, and performing basic administration tasks such as password resets, adding/removing Active Directory (AD) users, and managing basic group policy configurations
- Experience with supporting RMF requirements such as ATOs, risk management, and incident response
- Experience in writing technical and administrative policy documents
- Working knowledge of Microsoft Office (Word, PowerPoint, and Excel)
- Strong written and verbal communication skills
- US Citizenship required
- Active DoD Top Secret/SCI clearance
Preferred
Qualifications:
- Familiarity with ICD-503 requirements
- IAM Level III equivalent certification, such as CISSP or CISM
- Experience with COTS tools such as Nessus, Splunk, etc.
- Strong familiarity with SAP/SAR environments
- Familiarity with CMMC/NIST SP 800-171 requirements and/or GRC platforms like FutureFeed
- Experience with DISA STIGs and SCC for SCAP compliance
Benefits:
WRA recognizes that employees play an important role in its success. Our commitment to full-time employees is reflected in the comprehensive benefits package we offer:
- Flexible work schedule options
- Competitive salary
- Leave accrual and paid holidays
- Healthcare benefits
- Group Life Insurance, as well as additional optional life Insurance, short and long term disability insurance
- Flexible spending accounts for medical and dependent care reimbursement
- 401(k) Retirement Plan
- Tuition Reimbursement
- Employee Assistance Program
- Parental and maternity leave benefits
WRA is an equal opportunity/affirmative action employer and complies with all applicable anti-discrimination laws.
Applicants must be currently authorized to work in the United States on a full-time basis without the need for employment-based visa sponsorship now or in the future. WRA will not sponsor applicants for U.S. work visa status for this opportunity. (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)
Position #:
2105
|
|
 | |
