- Develops and executes an IT program detailed security policies, plans, and procedures that exceeds customer expectations and minimizes security risks.
- Serves as management official and point-of-contact for all information system issues involving sensitive and classified information.
- Manages security controls to ensure confidentiality, integrity, and availability of information and information systems; builds security into the development process and defines security specifications to support the acquisition of new systems, reviews all secure systems procurements to ensure that security has been considered and included.
- Provides strategic guidance and advice on secure meetings and state-of-the-art conference room technologies.
- Serves as liaison with program staff and other customers and can respond to short-notice tasks and provides security engineering and integration services to staff and other customers.
- Investigates information system security violations and prepares reports specifying corrective actions for the current situation and preventative actions to be taken in the future.
- Proactively coordinates the establishment of system security controls to protect sensitive government and institution information using authentication techniques, encryption, firewalls, and access controls.
- Maintain systems in accordance with the security plan and Authorization to Operate (ATO).
- Audits, monitors, and performs self-inspections of applications, systems, and security logs for security threats, vulnerabilities, and suspicious activities.
- Implement measures to protect data from physical destruction or theft. Ensure that back-up procedures are in place for data recovery.
- Conducts risk assessments of all systems and mitigates vulnerabilities wherever feasible.
- Develops and implements information system security training, education, and awareness programs for all system users.
- Interacts with government agencies to obtain rulings, interpretations, and acceptable deviations for compliance with Chapter 8 of NISPOM and other regulations.
- Ensures compliance with the National Industrial Security Program Operating Manual (NISPOM), DCSA Assessment and Authorization Process Manual (DAAPM), Department of Defense (DoD) regulations, Intelligence Community Directives (ICDs) and Security Technical Implementation Guides (STIGs).
- Prepares documentation, including Information Security Plans, outlining regulations, and establishing information security policy.
- Ensures all users have the requisite security clearances, authorization, and Need-to-Know (NTK).
- Complete required ISSM training within 6 months of hire.
- Maintains appropriate standard of confidentiality. When handling secure, privileged, sensitive, or confidential information and matters, maintains strict confidence and exercises care to prevent disclosure to others. Accesses confidential information for work-related reasons only, following the policies and procedures of the organization. Ensures that any privileged, sensitive, or confidential information is securely stored, disposed of, and transmitted according to the Institutional guidance.
- Related duties and special projects as assigned.
- Thorough understanding of the NISPOM chapter 8 requirements.
- Experience developing Information Systems security plans, policy, and procedures.
- Experience configuring laptops/desktops/servers, install applications, setup network infrastructure and troubleshoot as required.
- Have a strong understanding of computer operating systems (Windows and Linux), software and computer hardware.
- Experience with Windows account administration, group policy administration, and directory permissions.
- Experience with Windows Active Directory, Domain Controllers, Certificate Authority, DNS, DHCP, and Windows Update Services.
- Experience maintaining and auditing Cisco ISE, switches, routers, and firewall.
- Experience maintaining and auditing Palo Alto Intrusion Detection System.
- Experience with security event and Incident management utilizing Splunk.
- Experience with vulnerability management utilizing Tenable Nexus.
- Experience establishing and maintaining SIPRNet connectivity.
- Information Systems Security knowledge in system auditing.
- Lead Defense Counterintelligence and Security Agency (DCSA) Security Vulnerability Assessments (SVA), Command Cyber Readiness Inspections (CCRI) and Other Government Agency (OGA) inspections.
- Knowledge of the DoD Risk Assessment Methodology (DRAM).
- Experience with Plan of Actions and Milestones (POA&M) tracking.
- Experience with a Risk Management Framework (RMF) accreditation processes.
- Experience working in complex environments with a high degree of organizational effectiveness.
- Ability to work independently and with a team in a fast-paced environment.
- Excellent communication skills with a proven ability to effectively interact with all levels of employees, contractors, and customers.
-
Security Manager
3 weeks ago
Covington & Burling LLP Washington, United StatesSummary · The Security Manager is primarily responsible for the supervision of Covington & Burling LLP's security officers, and for the implementation and oversight of the emergency evacuation and first aid training program for the Washington, DC, office. · Duties & Responsibilit ...
-
Security Manager
3 weeks ago
Jones Networking Washington, United StatesPosition Title: Security Manager · Department: Security · Location: Washington, DC (NW) · Industry: Law Firm · Status: Full Time, Direct Hire, 9am-5:30pm · Jones Networking is recruiting for a Security Manager to join the Washington, DC office of an international Law Firm. The Fi ...
-
Security Manager
3 weeks ago
Covington & Burling Washington, United StatesSummary · The Security Manager is primarily responsible for the supervision of Covington & Burling LLPs security officers, and for the implementation and oversight of the emergency evacuation and first aid training program for the Washington, DC, office. · Duties & Responsibili ...
-
Security Manager
2 weeks ago
Watermark Risk Management International, LLC Washington, United StatesCome make your mark with Watermark · FOUNDED BY USAF VETERANS · in 2007, we are proud to be a Service-Disabled Veteran Owned Small Business. · SUBJECT MATTER EXPERTS · specializing in security and risk management. We're intimately familiar with DOD security programs and mission ...
-
Security Manager
2 weeks ago
Watermark Risk Management International, LLC Washington, United StatesCome make your mark with Watermark · FOUNDED BY USAF VETERANS in 2007, we are proud to be a Service-Disabled Veteran Owned Small Business. · SUBJECT MATTER EXPERTS specializing in security and risk management. We're intimately familiar with DOD security programs and mission req ...
-
Security Manager
3 weeks ago
The Watergate Hotel Washington, United StatesThe Hotel · Step inside a legendary revival at The Watergate Hotel, a luxurious urban resort located along the banks of the Potomac River. Here modern design blends with a storied past to redefine luxury. A place where travel and business are occasions worth celebrating, attenti ...
-
Edgewater Federal Solutions Washington, United StatesJob DescriptionJob Description · Security Management · Specialist/Security · Risk Management · Edgewater Federal Solutions, Inc. is currently seeking a · Security Management · Specialist/Security · Risk Management · with hands-on technical skills to provide support to Edg ...
-
Information Security Manager
3 weeks ago
Peraton Washington, United StatesResponsibilities · Provides technical and programmatic information assurance services to internal and external customers in support of network and information security systems. Designs, develops, and implements security requirements within an organization's business processes. Pr ...
-
Information Security Manager
3 weeks ago
Peraton Washington, United StatesResponsibilities · Provides technical and programmatic information assurance services to internal and external customers in support of network and information security systems. Designs, develops, and implements security requirements within an organization's business processes. Pr ...
-
Security Management Specialist
3 weeks ago
National Guard Employment Network Washington, United StatesJob Description · ATTENTION MILITARY AFFILIATED JOB SEEKERS - Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spou ...
-
Security Project Manager
3 weeks ago
Crisis24 Washington, United StatesAt Crisis24, A GardaWorld Company, we take a proactive approach to solving business challenges and our customers are at the heart of everything we do. It's the reason we love rolling up our sleeves and getting down to work – and it's why we're so successful. It takes an entire te ...
-
Security Project Manager
1 week ago
TWO95 International Washington, United StatesTitle: PM Security · Duration: 1 year plus · Location: Washington, DC · Currently seeking a Sr. Project Manager who will be responsible for managing medium to large complex security projects involving physical and electronic security measures, risk management, homeland security a ...
-
Security Manager, ECD
3 weeks ago
Enterprise Community Partners Washington, United StatesEnterprise is a national nonprofit that exists to make a good home possible for the millions of families without one. We support community development organizations on the ground, aggregate and invest capital for impact, advance housing policy at every level of government, and bu ...
-
Security Manager, ECD
3 weeks ago
Enterprise Community Partners Washington, United StatesEnterprise is a national nonprofit that exists to make a good home possible for the millions of families without one. We support community development organizations on the ground, aggregate and invest capital for impact, advance housing policy at every level of government, and bu ...
-
Manager, Security Operations
2 weeks ago
RAND Washington, United StatesJob Type: · Regular Manager, Security Operations · The Manager, Security Operations reports to the Executive Director, Security & Classified Operations and Chief Security Officer. This position is accountable to lead the day to day functions of the Security Operations team whi ...
-
Information Systems Security Manager
3 weeks ago
National Academy of Sciences Washington, United StatesJob Description Summary: · Develops and administers information security procedures for systems in support of government agencies in the performance of classified programs and projects. Performs self-inspections and ensures compliance with applicable government security policies ...
-
Information Security Risk Manager
3 weeks ago
Hogan Lovells Washington, United StatesKeen to become part of a truly global, collaborative team of professionals? Your journey begins here. · The Information Security Risk Manager, under the direction of the Head of Global Information Risk, is tasked to protect information assets in support of Hogan Lovells business ...
-
IT Security Vulnerability Management Specialist
3 weeks ago
OCT CONSULTING LLC Washington, United StatesOCT Consulting, LLC is an SBA-certified, 8(a) small business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Managem ...
-
Information Security Risk Manager
3 weeks ago
Hogan Lovells Washington, United StatesKeen to become part of a truly global, collaborative team of professionals? Your journey begins here. · The Information Security Risk Manager, under the direction of the Head of Global Information Risk, is tasked to protect information assets in support of Hogan Lovells business ...
-
Global Security and Operations Manager
1 week ago
National Democratic Institute Washington, United StatesAbout UsThe National Democratic Institute is a nonprofit, nonpartisan organization working to support and strengthen democratic institutions worldwide through citizen participation, openness, and accountability in government.Help support democracy worldwideby joining our teamAbou ...
Information Systems Security Manager - Washington, United States - The Consortium
Description
Develops and administers information security procedures for systems in support of government agencies in the performance of classified programs and projects. Performs self-inspections and ensures compliance with applicable government security policies and procedures. Investigates information system security violations and implements corrective actions. Develops and implements information system security education and awareness programs. Serves and liaison to and interacts with government agencies to ensure compliance with policies and regulations.
Acts as a technical expert on program security. Performs work requiring advanced technical knowledge, often involving multiple phases and significant collaboration. Applies in-depth technical knowledge to independently and innovatively solve a full range of complex and sometimes unusual problems that impact organizational success. Brings industry-level expertise to function and recommends changes to remain up-to-date or competitive. Establishes processes and procedures to ensure the effective and efficient operation of a complex function. Has authority to take whatever action deemed advisable or necessary, subject only to organizational and departmental policies and processes. May provide work direction for less senior employees.
Responsibilities
Develops and administers information security procedures for information systems in support of government agencies in the performance of classified programs and projects.
Required Knowledge, Skills, and Abilities:
Minimum Experience: Five years of related experience in an information systems security environment.
Physical Capabilities: Ability to work at a computer for extended periods of time.
Required Licenses, Certification or Registration: U.S. Citizenship. Active DoD Top Secret/DOE Q clearance. Possess a DoD 8570 IAM level III baseline certification (CISM, CISSP or other).
Supervisory Responsibilities/Controls: Reports to Director. General direction is provided. Works closely with Information Technology Services (ITS) department.