As a Sr Systems Security Manager (SSM) and be responsible for defining, implementing, and maintaining information security policies. As an SSM you will serve as the principal advisor on all matters technical and otherwise involving information systems and security. You will provide oversight of the systems security team, leading projects, meeting deadlines, and making sure all business needs by SNC are met. You will also be pushing the boundaries of systems security by dealing with cutting edge technology at the forefront of our business enterprise.
The ISR (Intelligence, Surveillance & Reconnaissance), Aviation, and Security (IAS) business area is a leader in ISR and aviation, it is a leading prime manned and unmanned aircraft systems integrator for innovative, high-performance ISR and aviation systems. Its end-to-end Command, Control, Computers, Communications and Intelligence, Surveillance & Reconnaissance (C4ISR) capabilities encompass design, integration, test, certification, ground/flight training and complete logistics support. IAS tailors solutions to customer cost, performance, and schedule requirements and designs to consistently exceed expectations – with an unrivaled record of on time and on (or under) budget deliveries. https://www.sncorp.com/company/business-areas/
The Sr Systems Security Manager is responsible to design and deploy secure IT systems in support of various special programs. The Sr SSM’s primary focus will be working with skilled technicians to design and implement security controls in a newly minted development environment, assuring customer requirements and expectations are met, whilst remaining in compliance with appropriate USG & enterprise policies, procedures, and requirements. The Sr SSM manages a small team to design, implement and measure security controls across a multi-location network as well as coordinate and engage with other entities and stakeholders across the organization. The Sr SSM will brief leadership on progress, produce reports and manage “up and out” communication to ensure all parties are well-informed.
Responsibilities Include:
- Manage a team of highly skilled professionals, perform yearly performance reports and additional duties as needed. Provide technical guidance as needed by team members in support of information systems within the ISSMs responsibility
- Ability to manage multiple taskings as needed to ensure mission success and delegate to employees as needed based on skills and availability
- Serve as site Information Systems Security Manager (ISSM) and maintain security documentation for system hardware and software, to include SSP’s, POA&M’s, equipment specifications, practices and procedure
- Perform mandatory Information System (IS) audit of patching, updating, and scanning based on vulnerabilities and threats or regulatory compliance; maintain the day-to-day security posture and continuous monitoring for all systems
- Conduct risk assessment testing procedures for verification of Certification & Accreditation (C&A)/A&A/RMF safeguards to meet various regulatory requirements based upon RMF for DoD IT, ICD 503, DJSIG, JSIG & NIST guidelines
- Evaluate IS threats and vulnerabilities to determine whether additional safeguards are needed for a wide range of IS security related areas including architectures, firewalls, electronic data traffic, and network access
- Interpret government security classification guides (SCG) to determine classified system requirements and prepare written instructions to facilitate proper security implementation throughout the system lifecycle
- Collaborate with customers (internal and external) during the design and development process to employ best practices when implementing security requirements and controls
- Apply configuration Management (CM) policies and procedures for authorizing the use of hardware/software on an IS; participate in the Configuration Control Board (CCB) to ensure changes are NOT detrimental to system security
- Support Corporate Director of Security and Corporate ISSM in company-wide initiatives
- Coordinate with security managers (both corporate and local), Facility Security Officer (FSO) and Information Systems Security Engineers (ISSE) to define, implement and maintain information security policies, strategies, and procedures
- Implement policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents; assist the SNC IT cyber group with forensic investigations across the corporation
- Assess changes to an IS by performing periodic self-inspections, tests and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed
- Administer IS security education, awareness, and training activities for facility management, IS personnel, users, and others, as appropriate
- Periodic travel to SNC, customer and partner facilities in support of programs. Interface with company and customer staff at all levels
Must Haves:
- Bachelor's degree in Systems Security, Network Engineering, Information Technology or related Engineering field of study and typically 6 - 8 years of experience
- Relevant experience may be considered in lieu of required education
- Leadership abilities inclusive of successful change management, mentoring, career development, training, succession planning, holding people accountable, and conducting yearly reviews
- Knowledge of technical standards relating to systems security; experience administering UNIX, Linux, and Windows operating systems, experience with large-scale server systems, thin client architecture, system virtualization and other related peripherals
- Experience with A&A requirements as outlined in the NISPOM, RMF for DOD, ICD 503, JSIG & NIST RMF
- Experience with software such as Splunk , ACAS / Nessus, HBSS
- Knowledge of DoD, government contracting and/or public auditing, policies, standards, and procedures
- In-depth knowledge of NIST 800-53, Risk Management Framework (RMF), JSIG requirements and SAP IT processing and BOEs
- An active Top Secret with SCI eligibility U.S. Security Clearance is required
Preferred:
- CISSP-ISSEP, CISSP-ISSAP, CISSP-ISSMP or Certification
- MCSE or Linux Security Certification
- Experience with Dell Servers, Wyse Management Services, VMWare Horizon, Cisco/Juniper and Active Directory
Estimated Starting Salary Range: $165,010.21 - $226,889.04. SNC considers several factors when extending job offers, including but not limited to candidates’ key skills, relevant work experience, and education/training/certifications.
SNC offers annual incentive pay based upon performance that is commensurate with the level of the position.
SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and more.
IMPORTANT NOTICE:
This position requires current/active Top Secret with SCI eligibility U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. Citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.
Learn more about the background check process for Security Clearances.
SNC is a global leader in aerospace and national security committed to moving the American Dream forward. We’re known and respected for our mission and execution focus, agility, and disruptive and rapid innovation. We provide leading edge technologies and transformative solutions that support our nation’s most critical security needs. If you are mission-focused, thrive in collaborative environments, and want to make our country stronger with state-of-the-art technologies that safeguard freedom, join our team!
As an Equal Opportunity Employer, we welcome our employees to bring their whole selves to their work. SNC is committed to fostering an inclusive, accepting, and diverse environment free of discrimination. Employment decisions are made without regarding to race, color, age, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran or other characteristics protected by law. Contributions to SNC come in many shapes and styles, and we believe diversity in our workforce fosters new and greater ways to dream, innovate, and inspire.