Robert Half Technology is hiring an Information Systems Security Manager (ISSM) for a company in Los Alamos, NM. Mostly remote with some occasional travel to Los Alamos but candidate has to be local to New Mexico.
The Information Systems Security Manager (ISSM) will be responsible for ensuring development and proper implementation of the security controls documented in the Systems Security Plan (SSP) for all information systems for which the ISSM is responsible, including sensitive unclassified networks supporting business, special purpose, and security functions. The ISSM provides certification documentation for all information system accreditations and performs other duties as required to implement the Cyber Security programs necessary to support U.S. Government regulatory requirements, (DOE/NNSA, NRC, etc.). In addition to the duties required to maintain SSPs, the ISSM is also responsible for security operations duties, including proactively monitoring event sources for anomalies, conducting vulnerability assessments, incident response activities, firewall administration, and being an all-star problem solver.
The successful Information System Security Manager (ISSM) will have:
Prior experience performing risk assessments, developing security plans, implementing DISA STIGs, and developing Standard Security Configuration Guides or similar technical products
DOE is desired, DOD or other heavily regulated Corporate experience like Healthcare may be an option.
Must have an understanding of open-source and other tools to assist in detection, prevention and analysis of security threats;
Must have a working knowledge of system functions, firewall administration, cyber security policies, and cyber security protection requirements;
Must have experience in at least 2 of the following technology vendors: Cisco FirePower, CarbonBlack, Cylance, DataLocker, Entrust, FireEye, ivanti, Tenable, and/or Zscaler.;
Must have excellent communications skills, especially technical report writing; candidates are encouraged to submit a sample of a technical report authored by the candidate;
Must have one or more of the following certifications: GSEC, CEH, CISSP, CISA, GCIH, OSCP;
Must be able to maintain confidentiality when working with sensitive information;
Bachelors' degree in Information Systems, Computer Science, Management Information Systems, or a related discipline combined with at least 2 years of experience to include technical skills and experience with the following: Splunk administration, network intrusion detection system (IDS) administration, Active Directory and Group Policy Objects, Anti-virus administration consoles, Data Loss Prevention (DLP) systems, Microsoft Windows operating systems, Linux operating systems and advanced cyber security toolkits, malware analysis, penetration testing, and digital forensics tools; however, a combination of education and relevant experience wherein the knowledge, skills and abilities to perform the position's duties and responsibilities have been adequately demonstrated is acceptable.
All qualified applicants will be considered; however, the successful candidate must be able to obtain and maintain a Q clearance.