Information System Security Manager (ISSM)

Company: Ascent Aerospace
Location: Irvine
Posted on: August 5, 2022

Job Description:

Summary of Position An Information Systems Security Manager (ISSM), is responsible for the security of the information systems at the facility and certifies to DSS that all security requirements are in place and the system is properly configured and protected. This ISSM will participate in technical research and development to enable continuing innovation within the cyber infrastructure. The ISSM will also ensure that system hardware, operating systems, software systems, and related procedures adhere to organizational values. Essential Functions Manages and oversees the compliance and policy aspects for the company regarding Information Assurance for systems and networks that contact government information. Familiar with Defense Security Service (DSS) Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), and Security Content Automation Protocol (SCAP) Tool Work closely with the Facility Security Officer (FSO) and corporate leadership to ensure cyber and physical security standards are met Serve as Information Systems Security Manager (ISSM) for classified computers in DoD and Intelligence Community computing environments. Oversees day-to-day security posture and continuous monitoring of IS including security event log review and analysis. Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system. Prepares and maintains Cyber/IT security Maintain thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM). Reviews and performs technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional. Monitors and resolves Plan of Action and Milestones (POA) to mitigate system vulnerabilities on assigned Information Systems. Reviews and maintains security assessment and authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, SCTM) Other Functions: Support and maintain client asset management including inventory, updates, repairs, and replacements. Support backend client services including antivirus, user access, and network administration. Support client/server software applications in support of business processes. Trains end users as required on system changes. Collaborates with Cyber and IT team to support execution of application changes, ensuring compliance and quality standards are part of deployment. Supports third party applications that integrate with client/server software applications. (Microsoft Office, NX, Verisurf, AutoCAD, etc.) Adhere to strict Information Systems security guidelines in all cases. Proactively anticipates and meets customer needs. Must be a self-starter with a high sense of accountability. Collaborates throughout the organization, seen as a trusted business partner in accomplishing work. Work independently and professionally to ensure the IT team is meeting business expectations. Required Skills, Education & Experience Any combination of education and experience providing the required skill and knowledge for successful job performance will be considered. Typical qualifications would be: Must have previous ISSO or ISSM experience, preferably 2+ years Must have held a DoD security clearance in the past 2 years and be able to attain and maintain an active Secret clearance Must have excellent writing skills (email communication, procedure writing, etc.) Must be familiar with classified computing environments in one or more of the following; ICD-705, DoDIs 8500.01 & 8510.01, NIST SP 800-53, and Risk Management Framework (RMF); JSIG, NISPOM, DCSA, etc. Must have a DoD 8570.01 Certification of IAT Level II Security+ CE or equivalent or attain certification within 6 months of hire This position must meet Export Control Compliance requirements, therefore a "US Person" as defined by 22.C.F.R. is required Preferred QualificationsBachelor's degree preferred. Technical certification preferred: Microsoft, Cisco, CompTIA A+, Net+ 3-5 years of experience in a desk side support role serving end users. 3-5 years' experience supporting Windows 10 desktop operating systems. 3-5 years' experience supporting Microsoft Office applications. Office 2016, 2019 etc. years' experience using desktop imaging tools. (Windows Deployment Services, Acronis) 3-5 years' experience supporting enterprise Anti-Virus/Anti-Malware tools. (Agent Based tools, etc.) 3-5 years' experience supporting users with remote management tools. 3-5 years' experience supporting mobile devices. Apple/Android; MaaS360 MDM 3-5 years' experience supporting peripheral devices including wireless peripherals. Bar code scanners, printers, etc. Experience supporting NX, CPLM, & CATIA is a plus. Experience supporting CNC machine controls is a plus. Experience supporting VeriSurf Laser tracking software is a plus. Experience securing systems using NIST RMF framework and Security Technical Implementation Guides (STIGs) standardsSUPERVISORY RESPONSIBILITY No Travel May be required to travel to Santa Ana FacilityOther details Job Family INFORMATION TECHNOLOGY Job Function Information Technology Pay Type Salary Travel Required No Apply Now

Keywords: Ascent Aerospace, Irvine , Information System Security Manager (ISSM), Executive , Irvine, California