Information Systems Security Manager - Intermediate - OV-MGT-001-2 (NCR)
Company: Rividium
Location: Washington
Posted on: October 19, 2024
Job Description:
Information Systems Security Manager - Intermediate
LOCATION: National Capital Region - Washington, DC or Northern
Virginia
EXPERIENCE LEVEL: Intermediate
CLEARANCE: TOP SECRET/SCI
WORK ROLE DESCRIPTION: Responsible for the cybersecurity of a program,
organization, system, or enclave.
TASKS:
- T0001: Acquire and manage the necessary resources, including
leadership support, financial resources, and key security
personnel, to support information technology (IT) security goals
and objectives and reduce overall organizational risk.
- T0002: Acquire necessary resources, including financial
resources, to conduct an effective enterprise continuity of
operations program.
- T0003: Advise senior management (e.g., Chief Information
Officer [CIO]) on risk levels and security posture.
- T0004: Advise senior management (e.g., CIO) on cost/benefit
analysis of information security programs, policies, processes,
systems, and elements.
- T0005: Advise appropriate senior leadership or Authorizing
Official of changes affecting the organization's cybersecurity
posture.
- T0024: Collect and maintain data needed to meet system
cybersecurity reporting.
- T0025: Communicate the value of information technology (IT)
security to stakeholders at all levels of the organization.
- T0044: Collaborate with stakeholders to establish the
enterprise continuity of operations program, strategy, and mission
assurance.
- T0089: Ensure that security improvement actions are evaluated,
validated, and implemented as required.
- T0091: Ensure that cybersecurity inspections, tests, and
reviews are coordinated for the network environment.
- T0092: Ensure that cybersecurity requirements are integrated
into the continuity planning for that system and/or
organization(s).
- T0093: Ensure that protection and detection capabilities are
acquired or developed using the IS security engineering approach
and are consistent with organization-level cybersecurity
architecture.
- T0095: Establish overall enterprise information security
architecture (EISA) with the organization's overall security
strategy.
- T0097: Evaluate and approve development efforts to ensure that
baseline security safeguards are appropriately installed.
- T0099: Evaluate cost/benefit, economic, and risk analysis in
decision-making process.
- T0106: Identify alternative information security strategies to
address organizational security objective.
- T0115: Identify information technology (IT) security program
implications of new technologies or technology upgrades.
- T0130: Interface with external organizations (e.g., public
affairs, law enforcement, Command or Component Inspector General)
to ensure appropriate and accurate dissemination of incident and
other Computer Network Defense information.
- T0132: Interpret and/or approve security requirements relative
to the capabilities of new information technologies.
- T0133: Interpret patterns of noncompliance to determine their
impact on levels of risk and/or overall effectiveness of the
enterprise's cybersecurity program.
- T0134: Lead and align information technology (IT) security
priorities with the security strategy.
- T0135: Lead and oversee information security budget, staffing,
and contracting.
- T0147: Manage the monitoring of information security data
sources to maintain organizational situational awareness.
- T0148: Manage the publishing of Computer Network Defense
guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports,
NTSM, MTOs) for the enterprise constituency.
- T0149: Manage threat or target analysis of cyber defense
information and production of threat information within the
enterprise.
- T0151: Monitor and evaluate the effectiveness of the
enterprise's cybersecurity safeguards to ensure that they provide
the intended level of protection.
- T0157: Oversee the information security training and awareness
program.
- T0158: Participate in an information security risk assessment
during the Security Assessment and Authorization process.
- T0159: Participate in the development or modification of the
computer environment cybersecurity program plans and
requirements.
- T0192: Prepare, distribute, and maintain plans, instructions,
guidance, and standard operating procedures concerning the security
of network system(s) operations.
- T0199: Provide enterprise cybersecurity and supply chain risk
management guidance for development of the Continuity of Operations
Plans.
- T0206: Provide leadership and direction to information
technology (IT) personnel by ensuring that cybersecurity awareness,
basics, literacy, and training are provided to operations personnel
commensurate with their responsibilities.
ABILITIES:
- A0128: Ability to apply techniques for detecting host and
network-based intrusions using intrusion detection
technologies.
- A0161: Ability to integrate information security requirements
into the acquisition process; using applicable baseline security
controls as one of the sources for security requirements; ensuring
a robust software quality control process; and establishing
multiple sources (e.g., delivery routes, for critical system
elements).
- A0170: Ability to identify critical infrastructure systems with
information communication technology that were designed without
system security considerations.
EDUCATION: Associate degree or higher from an accredited college or
university. Prefer an accredited Computer Science, Cyber Security,
Information Technology, Software Engineering, Information Systems, or
Computer Engineering degree; or a degree in a Mathematics or
Engineering field.
CERTIFICATION(S): CISSP-ISSMP or GSLC - IAT, IAM, or IASAE Level 3