Information System Security Manager - Melbourne, United States - Cromulence LLC

    Description

    The Information System Security Manager (ISSM) role will be expected to manage all aspects of information systems security across the company. This includes:

    • Planning, developing, deploying, and maintaining small-to-medium-sized networks of Windows, Linux, and macOS systems
    • Working as an information systems security practitioner to configure and maintain systems in accordance with the applicable security policies, e.g. applying STIGs to configure security and network settings
    • Working directly with IT personnel to implement group policies in Active Directory (Azure and on-prem)
    • Conducting periodic hardware and software inventory assessments
    • Performing customer-required system audits, software patching, and virus definition updates
    • Implementing and maintaining company-wide security and information technology policies
    • Developing and implementing an effective information system (IS) security training and awareness program
    • Coordinating periodic security inspections, tests, reviews, and audits of our ISs to evaluate our security posture and comply with customer requirements
    • Designing and implementing a cybersecurity plan and controls for responsible systems within the NIST Risk Management Framework (RMF)
    • Monitoring and enforcing compliance with all SOPs and other applicable security rules and regulations (i.e. NISPOM, DCIDs, ICDs and other applicable documents), and recommending updates to maintain compliance with those regulations
    • Reviewing weekly bulletins, advisories, and/or vulnerability alerts that may impact security of site ISs (and taking appropriate action when necessary)
    • Enforcing approved procedures for media (scanning, tracking, clearing, purging, declassifying, releasing, etc.)
    • Ensuring proper corrective measures have been taken when an incident occurs and/or a vulnerability has been discovered
    Our ideal candidate would possess the following qualifications:
    • Bachelor's degree (or higher) in Information Systems, Information Technology, or any related discipline (Information Assurance, Computer Science, Cybersecurity, etc.)
    • IAM Level 3 certification (CISSP or similar)
    • 5+ years of demonstrable experience performing day-to-day ISSO/ISSM responsibilities
    • Familiarity with applicable security/IA requirements based on ICD 503, NIST SP 800-37, NIST SP Rev 4, NIST SP , CNSS 1253, JSIG, CMMC, and NISPOM
    • Experience with applying and adhering to DoD Secure Technical Implementation Guidelines (STIGs) and CIS Benchmarks, including experience with relevant hardening and compliance assessment tools (NESSUS, SCAP, Splunk, etc.)
    • Experience managing and maintaining System Security Plans (SSPs) from inception through decommissioning following the NIST Risk Management Framework (RMF) process
    • Experience ensuring Configuration Management (CM) for security-relevant IS software, hardware, and firmware is documented and maintained
    • Strong skills in organization and communication
    • Strong orientation toward both details and results
    An active Top Secret U.S. government security clearance (and, therefore, U.S. citizenship) is required.

    Cromulence is a growing cybersecurity company located in historic downtown Melbourne, Florida. We specialize in Computer Network Operations Tools, Cybersecurity Competitions, advanced Program Analysis Research & Development, and Vulnerability Research.

    We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected.