- Cyber Defense
- District of Columbia, United States
Job Description: Senior Information System Security Manager
XOR Security is currently seeking several talented Senior Information Systems Security Manager to support an Agency-level Advanced Cyber Analytics team.
- Manage ISSO efforts with respect to established duties
- Serve as Derivative Classifier as required by location
- Read and implement IA regulations and requirements per DOE-IN CISO’s direction; develop and maintain managerial, operational, and technical IA skillset
- Comment on new ODNI/NIST standards / regulations as applies to client environment
- Review A&A documentation (BOE) to assure accuracy and professionalism as well as compliance to ODNI requirements. Support development of Contingency Plan, Incident Response Plan, and Configuration Management Plan
- Employ best practices when implementing security requirements within an information system including
- Manages extensive evaluations of major information security networks, prepares evaluation reports, and presents recommendations. Conducts trade off analyses of products for clients to determine optimal informant security solutions
- Prepares remedial options and supervise correction of information security shortfalls
- Manage, maintain, and ensure successful implementation of Certification and Accreditation program
- Ensure products and services comply with all appropriate (ITSEC) certification & accreditation requirements and best practices as prescribed by the ODNI, local authorities
- Analyze scan results, and document findings for products as required to successfully complete Collateral and SCI-level security certification testing and evaluation (ST&E) as appropriate for the product
- Prepare Security documentation in support of project tasks and as tasked for approved project requirements, which support successful completion of Collateral and/or SCI-level security testing and evaluation (ST&E) appropriate for the product, including but not limited to Authority of Operated (ATO), Authority to Test (ATT), Memorandum of Understanding (MOU), and Interconnection Security Agreements (ISA)
- Assure that Personal Electronic Devices are properly configured for ingress into the SCIF and review for data acquisition/retention upon SCIF egress
- Update PED documentation as required to be in-compliance with DOE-IN and IC policy
- Develop/Update training material include refresh training, role specific training, task specific training
- Respond to cyber incidents as defined in DOE-IN Incident Response and local SOP
- Principle interface to IC-SCC with respect to incidents, forensic review and conclusion of investigation of all cyber related events.
- Must possess 15 years of information assurance experience with a bachelor’s degree in a technical field. Five of the 15 years must be technical experience effectively providing network and/or system administration, information assurance security testing, and evaluation duties
- Familiar/proficient in all security domains
- 5 Years of C&A experience with, DCID 6/3, ICD-503, and/or NIST Framework
- Knowledge of the IC, national level system security initiatives, and secure Information/Local Area Network (LAN)/Wide Area Network (WAN) technologies
- Possess effective interpersonal and presentation skills; possess the ability to communicate in written and oral form; publication or presentation experiences are preferred
- Experience reporting IT Security events/incidents in the time prescribed based on policies and procedures
- Possesses experience supporting the Intelligence Community (IC)
- Experience with supporting the Joint Worldwide Intelligence System (JWICS)
- Knowledge of cloud architecture
- Preferred technical experience effectively provided network and/or system administration, and/ or computer operations
- Knowledge of virtualization. Must possess CISSP, CISA or CISM certification
- Active Top-Secret Clearance required
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and TOP SECRET/SCI CLEARANCE REQUIRED.