Information Systems Security Manager
Arlington, Virginia
Onsite
Full Time
$100k - $135k
Information Systems Security Manager
Serves as a program security technical expert, undertaking tasks that demand advanced technical proficiency, often involving multiple phases and substantial collaboration. Applies extensive technical knowledge to independently and creatively address a wide range of complex and occasionally unique problems that impact organizational success. Contributes industry-level expertise and recommends changes to remain current and competitive. Establishes processes and procedures to ensure the effective and efficient operation of a complex function. Empowered to take necessary actions within organizational and departmental policies and processes and may provide work direction for less senior employees.
The company is located in Washington D.C. and will be 5 days on site.
What You Will Be Doing:
Required Skills & Experience:
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.
Serves as a program security technical expert, undertaking tasks that demand advanced technical proficiency, often involving multiple phases and substantial collaboration. Applies extensive technical knowledge to independently and creatively address a wide range of complex and occasionally unique problems that impact organizational success. Contributes industry-level expertise and recommends changes to remain current and competitive. Establishes processes and procedures to ensure the effective and efficient operation of a complex function. Empowered to take necessary actions within organizational and departmental policies and processes and may provide work direction for less senior employees.
The company is located in Washington D.C. and will be 5 days on site.
What You Will Be Doing:
- Develops and implements information security procedures for The National Academies' information systems, supporting Government agencies in classified programs and projects.
- Executes a comprehensive IT program, crafting detailed security policies, plans, and procedures that surpass customer expectations and minimize security risks.
- Assumes the role of management official and point-of-contact for information system issues involving sensitive and classified information.
- Manages security controls to ensure the confidentiality, integrity, and availability of information and information systems. Integrates security into the development process and defines specifications for acquiring new systems. Reviews secure systems procurements to confirm the inclusion of security considerations.
- Provides strategic guidance on secure meetings and cutting-edge conference room technologies.
- Acts as a liaison with program staff and other customers, responding to short-notice tasks, and delivering security engineering and integration services.
- Investigates information system security violations, preparing reports specifying corrective actions for the current situation and preventative actions for the future.
- Proactively coordinates the establishment of system security controls, utilizing authentication techniques, encryption, firewalls, and access controls.
- Audits, monitors, and performs self-inspections of applications, systems, and security logs for security threats, vulnerabilities, and suspicious activities.
- Conducts risk assessments for all systems and addresses vulnerabilities where feasible.
- Develops and implements information system security training, education, and awareness programs for all system users.
- Interacts with Government agencies to obtain rulings, interpretations, and acceptable deviations for compliance with Chapter 8 of NISPOM and other regulations.
- Prepares documentation, including Information Security Plans, outlining regulations and establishing information security policy.
- Appoints and manages Information System Security Representatives (ISSR) as necessary.
Required Skills & Experience:
- Thorough understanding of the National Industrial Security Program Operating Manual (NISPOM) Chapter 8 requirements.
- Skills in developing Information Systems security plans, policies, and procedures.
- Knowledge of UNIX, WIN/NT/2000, or similar operating systems.
- Skills in establishing and maintaining SIRNET connectivity.
- Information Systems Security knowledge in system auditing.
- Ability to work independently in a fast-paced environment.
- Ability to operate with appreciable latitude for independent judgment and action.
- Experience working in complex environments with a high degree of organizational effectiveness.
- Ability to work successfully in a team environment.
- Ability to develop relationships with co-workers and employees in other National Academies' departments.
- Excellent communication skills with a proven ability to effectively interact with all levels of employees, contractors, and customers.
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.