Information System Security Manager/Information System Security Engineer at Integral Consulting Services in Hanover, Maryland

Job Description:

Position Title: Information System Security Manager/Information System Security Engineer

Location: US-Maryland-Hanover


Job ID: 4801

# of Openings: 1

Category: Information Technology

Clearance: Secret

Clearance Status: Active

Type: Regular Full-Time


Overview:

The Information System Security Manager (ISSM)/Information System Security Engineer (ISSE) is a dual role responsible for managing the TAMIS cybersecurity program and implementing cybersecurity best practices for software engineering methodologies, system/security engineering principles, secure design, and secure architecture principles for all components within the accreditation boundary including operating systems (OS) and network interconnects.

Responsibilities:

· Responsible for Incident Response, risk management, personnel security, account approvals, system interconnections, security engineering throughout the TAMIS software lifecycle, and other tasks as assigned.

· Develop, maintain, and review the TAMIS Assessment and Authorization (A&A) package in the Enterprise Mission Assurance Support Service (eMASS) system to maintain the Authorization to Operate (ATO) of the TAMIS system IAW DoD and Army rules, regulations, and standards.

· Develop, maintain, and update all Cybersecurity documentation required for all TAMIS environments to remain compliant which includes all documentation of the TAMIS system architecture (DoDAF diagrams, Network Diagrams, Hardware/ Software/ Firmware Lists, and other related content)

· Perform an official RMF Self-Assessment annually reporting the status of security controls in eMASS.

· Manage the TAMIS Plan of Action and Milestones (POA&M) in eMASS ensuring mitigation and remediation actions are implemented in a timely manner

· Assist in designing, analyzing, and assessing network architectures to ensure the network and network devices are of sufficient cybersecurity resiliency to meet the system's operational requirements

· Complete and/or update each applicable DoD Security Technical Implementation Guide (STIG) Checklist for the appropriate system components.

· Ensure secure configuration to include all pertinent patches and fixes by routinely reviewing vendor sites, bulletins, and notifications and proactively updating systems with fixes, patches, definitions, service packs, or implementation of vulnerability mitigation strategies

· Implement all technical, procedural, and documentation focused security controls IAW DoD and Army rules, regulations, and policies to ensure the confidentiality, integrity, and availability of TAMIS environments

· Assist in the identification and development of cybersecurity methodologies and engineering efforts utilizing scientific methods in accordance with best practices, policies, and guidance to develop material solutions that will fill capability gaps within the cybersecurity discipline

· Ensure that the TAMIS system is deployed using a Secure System Architecture in a highly available, scalable configuration in the cloud

Qualifications:

Required:

· Bachelors Degree in Information Systems/Information Security certification or equivalent experience.

· Recognized security professional certification (Certified Information System Security Professional (CISSP II) certification, Certified information Security Manager (CISM), or other).

· Possess 8570 IA Baseline Certification and 8570 Computing Environment (CE) Certification/Certificate (Microsoft Certified IT Professional (MCITP) certification)

· 4-8 years of experience, with a minimum of 2 years managing cybersecurity programs and implementing RMF cybersecurity controls for Army information systems in the cloud.

· Experience establishing, documenting, monitoring, and implementing a risk-based cybersecurity program for Army Web-Based applications in multiple cloud environments is required and must have been demonstrated on previous projects.

· Demonstrated experience interfacing and troubleshooting issues with DISA GCDS, Army Cyber Command (ARCYBER), CSSPs, Akamai, CSPs and other external entities to ensure continual operation and compliance of Army applications in the cloud.

· Fully trained and have demonstrated expertise of Risk Management Framework (RMF), ACAS, HBSS, eMASS, Akamai, Amazon Web Services (AWS), Microsoft Operating Systems, and Veracode.

Company Overview:

Integral partners with federal defense, intelligence, and civilian leaders to tackle their most important challenges and deliver positive outcomes. Since our founding in 1998, we have helped clients leverage existing and emerging technologies to transform their enterprises, empower growth, drive innovation, and build sustainable success. The forward-leaning solutions we deliver are tailored to each mission with a focus on keeping our nation safe and secure.

Integral is headquartered in Tysons Corner, VA and serves clients throughout the country.

We offer a comprehensive total rewards package including paid parental leave and immediate vesting in our 401(k). Give us a try and become part of a curated group of professionals at Integral Federal!

Our package also includes:

· Medical, Dental & Vision Insurance

· Flexible Spending Accounts

· Short-Term and Long-Term Disability Insurance

· Life Insurance

· Paid Time Off & Holidays

· Earned Bonuses & Awards

· Professional Training Reimbursement

· Paid Parking

· Employee Assistance Program

Integral is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, military/veteran status, physical or mental disability, or any other protected class.

Equal employment opportunity, including veterans and individuals with disabilities.

PI265820511

Apply Now