Information Systems Security Manager (ISSM)

Job Description

Job Description

Company Overview

ARA is a leading C5ISR company that designs, manufactures, tests and installs innovative technologies that provide the national security community with unparalleled situational awareness, threat detection, and communications capabilities.

Our disruptive, integrated solutions, assemblies and subsystems rise to the challenging demands of discerning, mission-critical customers.

We leverage our capabilities to meet and exceed the requirements of our customers and empower them to remain ahead of evolving threats and complexities in a dynamic security landscape.

Job Summary

As an Information Systems Security Manager (ISSM), you will develop and maintain classified and unclassified System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and Risk Assessment Reports (RARs) in accordance with 32 CFR Part 117 NISPOM Rule. This position is primarily on-site with occasional travel to other company locations. You will ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the SSP, customer DD254s and DCSA or other Government agency requirements.

Essential Functions

Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

• Lead the company’s growing industrial security program.
• Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
• Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed
• Manage the security aspects of the information system and ensure day-to-day security operations of the system.
• Evaluate security solutions to ensure they meet security requirements for processing classified information.
• Perform vulnerability / risk assessment analysis to support certification and accreditation; coordinate, prepare and track AIS inspections, reports and responses.
• Ensure maintenance of AIS security records.
• Advise on Co-Utilization Agreements, ensure configuration management (CM) for information system security software, hardware, and firmware.
• Manage changes to the system and assess the security impact of those changes.
• Prepare and review documentation to include Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Support security authorization activities.
• Support Facility Security Officer in industrial security program.
• Support day-to-day information system security operations including hardware and software implementations.
• Assist with the sanitization and relocation of equipment and manage hardware / software inventories.
• Ensure technical administration of the Information System (IS) in accordance with internal and customer security requirements.
• Develop and implement security policies, protocols, and procedures for classified systems.
• Ensure regular internal security audits and assessments are conducted.
• Document compliance actions within the accredited systems or develop a plan of actions and milestones (POA&M) with Management to address non-compliance in the allotted time frame.
• Monitor for unusual activity and respond to security incidents.
• Participate in the company’s Insider Threat Working Group.
• Assist with Cybersecurity Maturity Model Certification program.
• Coordinate with unclassified network IT staff with a focus on the latest cybersecurity trends and threats.
• Provide training and support on classified security information system protocols to staff.
• Prepare and present security status reports to management.
• Ensure compliance with relevant legal and regulatory requirements.
• Ensure vulnerability risk assessments and recommend mitigation strategies are performed.
• Collaborate with external auditors.
• Develop and maintain System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and Risk Assessment Reports (RARs).
• Execute RMF processes and procedures, including Continuous Monitoring of security controls.
• Ensure the sanitization and relocation of equipment and manage hardware / software inventories.
• Investigate and respond to security breaches.
• Perform other security duties as required.

Position Qualifications

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

Competency Statements

Experience and Skills

Education

Antenna Research Associates, Inc. is an equal opportunity employer committed to a policy of non-discrimination and affirmative action. We do not discriminate based on race, color, religion, sex, national origin, disability, protected veteran status, or any other legally protected status.

#LI-onsite