LMI is seeking a Senior Cybersecurity Information Systems Security Manager (ISSM) to provide cybersecurity Risk Management Framework (RMF) Authority to Operate (ATO) support for a United States Army client.
Requirements
- DOD Cyber Workforce (DCWF) 8140 (722) Intermediate Information Systems Security Manager certification: CGRC/CAP or CASP+ or CCSP or Cloud+ or SSCP or Security+ or GSEC.
- Experience with security requirements in a federal IT environment, including FedRAMP-certified providers and FISMA requirements for acquiring and maintaining an ATO.
- Experience with Enterprise Cross Domain Solutions.
- Experience with DoD STIGs and SRGs.
- Strong understanding of cybersecurity principles, standards, and best practices.
- Working knowledge of AWS products and capabilities.
- Experience with Agile development methodologies and working with Agile teams.
Responsibilities
- Oversee the entire RMF cycle, including initiation, categorization, selection, implementation, assessment, authorization, and continuous monitoring.
- Develop and maintain system security plans (SSPs) and associated documentation for each system under management.
- Conduct risk assessments and vulnerability assessments to identify and mitigate security risks.
- Develop, review, and maintain Plan of Action & Milestones (POA&Ms), as required.
- Ensure compliance with all relevant security policies, standards, and guidelines, including NIST SP 800 series.
- Perform Mission Owner (MO) responsibilities in accordance with (IAW) Cybersecurity Service Providers (CSSPs) Statement of Work (SOW).
- Review security controls and configuration requirements including secure network design, database access, security testing, authentication methods, implementation of encryption, privilege management, logging, input validation, secure storage design, and secure data transfer.
Other
- Minimum of a SECRET security clearance, TS/SCI preferred.
- 5+ years of managerial experience in developing and implementing system information security standards and procedures in a DoD Cybersecurity Enterprise Environment.
- Previous Army cybersecurity and technology experience.
- Demonstrated experience with US Army technology, systems, and command & control policies and procedures.
- Excellent communication and interpersonal skills, with the ability to interact effectively with technical and non-technical stakeholders.