Information Systems Security Manager (ISSM) - 37741 in Oklahoma City, OK at Alion Science and Technology

Date Posted: 11/30/2021

Job Snapshot

Job Description

Alion Science & Technology is looking for a qualified Information Systems Security Manager (ISSM) to support AFLCMC/WWGB, the Special Program Sustainment Branch located at Tinker AFB, OK.   Must have an Active Top Secret/SCI security clearance, current within five years.  Must have 12 months or more of experience in a SAP environment within the last five years.  

Support is full time on base.

Security + certification

Certified Information Systems Security Professional (CISSP) Certified

10 Years experience.

Risk Framework Management

Framework (RMF) certification packages

Air Force Certification and Accreditation (C&A) Program

The ISSM shall ensure implementation of DoD, USAF, and MAJCOM policies and develop local processes and procedures for the effective execution of the WWGB Information Systems Security Support function. Work independently on tasks and exercise judgment in the execution of the following tasks: 

  • Develop and maintain a formal IS security program.
  • Implement and enforce IS security policies.
  • Review and endorse all IS accreditation/certification support documentation packages.
  • Oversee all ISSOs to ensure they follow established IS policies and procedures.
  • Review weekly bulletins and advisories that impact security of site information systems to include AFCERT, ACERT, NAVCIRT, IAVA, and DISA ASSIST bulletins.
  • Ensure that periodic testing (monthly for PL-5 systems) is conducted to evaluate the security posture of the ISs by employing various intrusion/attack detection and monitoring tools (shared responsibility with ISSOs).
  • Ensure that all ISSOs receive the necessary technical (e.g., operating system, networking, security management, SysAdmin) and security training (e.g., ND-225 or equivalent) to carry out their duties.
  • Assist ISSOs to ensure proper decisions are made concerning the levels of concern for confidentiality, integrity, and availability of the data, and the protection levels for confidentiality for the system.
  • Ensure the development of system accreditation/certification documentation by reviewing and endorsing such documentation and recommending action to the DAA Rep/SCO.
  • Ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output.
  • Maintain, as required by the DAA Rep/SCO, a repository for all system accreditation/certification documentation and modifications.
  • Coordinate IS security inspections, tests, and reviews.
  • Investigate and report (to the DAA/DAA Rep/SCO and local management) security violations and incidents, as appropriate.
  • Ensure proper protection and corrective measures have been taken when an IS incident or vulnerability has been discovered.
  • Ensure data ownership and responsibilities are established for each IS, to include accountability, access and special handling requirements.
  • Ensure development and implementation of an effective IS security education, training, and awareness program.
  • Ensure development and implementation of procedures in accordance with configuration management (CM) policies and practices for authorizing the use of hardware/software on an IS. Any changes or modifications to hardware, software, or firmware of a system must be coordinated with the ISSM/ISSO and appropriate approving authority prior to the change.
  • Develop procedures for responding to security incidents, and for investigating and reporting (to the DAA Rep/SCO and to local management) security violations and incidents, as appropriate.
  • Serve as a member of the configuration management board, where one exists (however, the ISSM may elect to delegate this responsibility to the ISSO.)
  • Have a working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
  • Access only that data, control information, software, hardware, and firmware for which they are authorized access and have a need-to-know, and assume only those roles and privileges for which they are authorized.
  • Review weekly bulletins and advisories that impact security of site information systems to include AFCERT, ACERT, NAVCIRT, IAVA, and DISA ASSIST bulletins

Required:

  • Must have at least 10 years of experience and working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
  • Certified Information Systems Security Professional (CISSP) Certified
  • Security + certification desired
  • Must have experience in coordinating IS security inspections, tests, and reviews.
  • Must have 12 months or more of experience in a SAP environment within the last five years. 
  • Knowledge of Risk Framework Management (RFM)
  • Air Force Certification and Accreditation (C&A) Program experience
  • Must have experience in developing and maintaining a formal IS security program as well as knowledge in enforcing IS security policies.
  • Review and endorse all IS accreditation/certification support documentation packages.

Must have a current Security Clearance: Top Secret/Sensitive Comp Info./Special Access Program eligible


Security Clearance: Top Secret/Sensitive Comp Info
Telework - Not Eligible

Diversity Statement

We are an EOE that values our employee’s talent – regardless of gender, race, ethnicity, national origin, sexual orientation, religion or other protected characteristics – Your Talent Is Our Strength.

Women, minorities, individuals with disabilities and Veterans are encouraged to apply. Alion will provide a reasonable accommodation to individuals with disabilities and disabled veterans who need assistance to apply. Please visit the Alion Careers site for more information. U.S. Citizenship Required for the majority of our positions.

Covid Notice

A new Federal Executive Order requires that employees of Federal contractors and subcontractors be fully vaccinated for COVID-19 by December 8, 2021. Accordingly, as a condition of employment with Technical Solutions, a division of Huntington Ingalls Industries, employees will be required to provide proof of full vaccination against COVID-19 or have an approved exemption prior to starting employment.

Next Steps

Join the Huntington Ingalls Industries (HII), Technical Solutions Division Talent Network today and stay up-to-date on our openings as they continue to become available! As a member of our network, you will receive alerts with new job opportunities that match your interests and have the ability to share job opportunities through social media or email. Join now!

Whether you choose to apply or just leave your information, we look forward to staying connected with you.

JOIN OUR TALENT NETWORK

Woman smiling