Senior Information Systems Security Manager ( Sr. ISSM

MTSI is looking for an Senior Information Systems Security Manager at Tinker AFB, OK. The candidate shall have the appropriate DoD 8570 Information Assurance Management certification level, including Security+ IAM Level 1, and CISSP Level 2 and 3 or equivalent certifications, and 3-5 years of classified information systems experience to develop and implement DoD security controls.

• Sustain and update the formal IS security program as needed with the Government ISSM.
• Implement and enforce IS security policies.
• Review and endorse all IS assessment and authorization support documentation packages.
• Advise, provide guidance, and assist the IT/IA team to ensure compliance with established IS policies and procedures.
• Review weekly bulletins and advisories that impact security of site information systems to include AFCERT, ACERT, NAVCIRT, IAVA, and DISA ASSIST bulletins.
• Ensure that periodic testing (monthly for PL-5 systems) is conducted to evaluate the security posture of the ISs by employing various intrusion/attack detection and monitoring tools (shared responsibility with ISSOs).
• Ensure that all ISSOs receive the necessary technical (e.g., operating system, networking, security management, Sys Admin) and security training (e.g., ND-225 or equivalent) to carry out their duties.
• Advise ISSOs concerning the levels of concern for confidentiality, integrity, and availability of the data, and the protection levels for confidentiality for the system.
• Ensure the development of system assessment and authorization documentation by reviewing and endorsing such documentation and recommending action to the DAO/SCA.
• Ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output.
• Maintain, as required by the DAO/SCA, a repository for all system assessment and authorization documentation and modifications.
• Coordinate IS security inspections, tests, and reviews.
• Investigate and report (to the DAO/SCA and local management) security violations and incidents, as appropriate.
• Ensure proper protection and corrective measures have been taken when an IS incident or vulnerability has been discovered.
• Ensure data ownership and responsibilities are established for each IS, to include accountability, access and special handling requirements.
• Ensure development and implementation of an effective IS security education, training, and awareness program.
• Ensure development and implementation of procedures in accordance with configuration management (CM) policies and practices for authorizing the use of hardware/software on an IS. Any changes or modifications to hardware, software, or firmware of a system must be coordinated with the ISSM/ISSO and appropriate approving authority prior to the change.
• Develop procedures for responding to security incidents, and for investigating and reporting (to the DAO/SCA and to local management) security violations and incidents, as appropriate.
• Serve as a member of the configuration management board, where one exists (however, the ISSM may elect to delegate this responsibility to the ISSO.)
• Have a working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
• Access only that data, control information, software, hardware, and firmware for which they are authorized access and have a need-to-know and assume only those roles and privileges for which they are authorized.

• Shall have senior level experience (minimum 10 years) demonstrating and practicing their knowledge, skills, and abilities directly related to information security.
• Must have 12 months or more experience in SAP environment within the last five years.
• Must possess an active Top Secret security clearance, current within five years, and be eligible for Sensitive Compartmented Information (SCI) and Special Access Programs (SAP) access.
• Candidate will be required to fill out a Pre-Screening Questionnaire prior to hiring consideration.
• Have at least a Master of Science degree in Information Security.

Interesting Work: Our co-workers support some of…