Concordia Technologies is seeking an experienced ISSM to join our team in Huntsville, AL. As an ISSM, you'll lead a team responsible for maintaining the authorization of systems throughout their lifecycle.
You'll provide technical expertise in security engineering, ensuring adherence to Defense in Depth principles. Your responsibilities will include drafting and maintaining ATO/ATC documentation.
The ideal candidate will have a strong track record of supporting DoD programs and managing Information Assurance teams to deliver high-quality results.
This position offers a stable corporate role, not tied to contracts.
Important Note: This position is only open to those who can obtain and maintain a U.S. security clearance.
Location: Huntsville, AL
Key Responsibilities
- Ensure compliance with cyber security requirements in accordance with DoD and DoD Component cybersecurity and information assurance policies and guidance
- Support the PM in development of a POA&M and budget that addresses the implementation of cyber security requirements throughout the lifecycle of the system
- Lead and provide guidance for a cyber security team
- Support implementation of Risk Management Framework (RMF)
- Maintain and report systems assessment and authorization status and issues in accordance with DoD component guidance
- Coordinate with the organization’s security manager to ensure issues affecting the organization's overall security are addressed appropriately
- Continuously monitor the system or information environment for security-relevant events and configuration changes that negatively affect security posture
- Periodically assesses the quality of security controls implementation against performance indicators
- Immediately report any significant change in the security posture of the system, and recommended mitigations, to the Security Control Assessor (SCA) and AO
- Recommend to the SCA or AO a reassessment of any or all security controls at any time, as appropriate
- Ensure that SSE processes are aligned to, and adequately documented in the program's SEP and PPP, and are executed with sufficient rigor to ensure required security controls are implemented, resulting in the lowest level of residual risk to system operation
- Maintain situational awareness and initiate actions to improve or restore IA posture as well as conducting annual security reviews of all IA controls and a test of selected IA controls
- Train ISSOs within the team to grow their skillsets in the various aspects of Risk Management Framework and Accreditation/Authorization to include, but not limited to eMASS, SPLUNK, PO&AM generation, etc.
Required Skills
· Active Security Clearance
· Bachelor’s Degree Required
· DoDI 8570 IAM Level II certification (CASP, CAP, CISSP/Associates)
Required Qualifications
- Ability to obtain and maintain a U.S. security clearance.
- Bachelor’s degree in a related field.
- 10-12 years’ experience in cyber security or information assurance.
- Must be Certified Information Systems Security Professional (CISSP) certified.
- Experience with the certification and accreditation process.
- Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems.
- Knowledge of intrusion prevention and network access control tools/systems.
- Understanding of system audit principles and security risk assessment.
- Strong understanding of security policy advocated by the U.S. Government including the Department of Defense and appropriate civil agencies, e.g., NIST.
- General experience includes development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented.
- Must have a solid understanding of network infrastructure and mission assurance.
- Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB.
- Must have excellent communications skills and be capable of working with all levels of an organization.
- Must be a US Citizen and hold a current Secret DOD clearance.
Desired Qualifications
- CISA, CISM, and / or CISSP certifications.
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
Concordia Technologies participates in E-Verify.
Job Type: Full-time
Pay: $100,000.00 - $150,000.00 per year
License/Certification:
- CISSP (Preferred)
- Certified Information Systems Auditor (Preferred)
Ability to Commute:
- Huntsville, AL 35805 (Required)
Ability to Relocate:
- Huntsville, AL 35805: Relocate before starting work (Preferred)
Work Location: In person