Careers

Information Systems Security Manager (ISSM)

SSE is a leading technology company serving St. Louis, MO and Jacksonville, FL for over 30 years. We are a leading provider of aviation courseware development, technical publications, virtual training development, and training for military and commercial aircraft. We are seeking an Information Systems Security Manager (ISSM) to join our team and be located in either St. Louis, MO or Jacksonville, FL.

The ISSM is responsible for classified programs’ Cybersecurity/Risk Management Framework (RMF) in accordance with US Government directives. In addition this position will support SSE’s Commercial Network Services Business Unit in developing new security related products and services bringing the rigor of DoD security to commercial businesses.

RESPONSIBILITIES:

• Implementation and oversight of certification & accreditation, lifecycle processes, configuration change management, account management, media control procedures and related documentation for all SSE locations.
• Candidates must be familiar with conducting internal self-inspections of the cybersecurity program, executing an effective cybersecurity program to include continuous system audit reviews, education and training and information system delivery and maintenance.

QUALIFICATIONS:

• Extensive knowledge and experience with assessment and authorization requirements as outlined in the NISPOM Chapter 8 Information Systems Security
• Expert level knowledge of NIST 800-53 policies, procedures, and standards
• Risk Management Framework (RMF) experience
• Enterprise Mission Assurance Support Service (eMASS) experience a plus
• Dod 8570 IAM Level III or IAM Level II desired
• Active SECRET security clearance
• Ability to work in a team environment and deal effectively with changing project priorities
• At least 3 years’ experience as an ISSM
• “This position must meet Export Control compliance requirements, therefore a “US Person” as defined by 22 C.F.R. § 120.15 is required.”  US Citizen required

DAY TO DAY ACTIVITIES:

• Provide Information Systems Security Manager (ISSM) guidance and support to classified computers corporate wide at all locations.
• Develop/conduct risk assessment procedures for verification of Assessment and Authorization (A&A) RMF safeguards to meet various regulatory requirements based upon the JSIG RMF for DoD IT, plus ICD 503, JSIG, NIST & STIG guidelines
• Monitor cybersecurity Program compliance by performing periodic self-inspections, tests and reviews of the IS programs to ensure that systems are operating as authorized/accredited and that conditions have not changed
• Work with ISSO’s to ensure audit functions are performed properly
• Develop corrective solutions and maintain associated documentation
• Coordinate with the Facility Security Officer (FSO) and IT team members to define, implement and maintain an acceptable information systems security posture
• Assist program personnel at offsite locations to ensure they meet USG certification requirements and are properly trained to execute the cybersecurity program effectively and maintain security compliance
• Preparation and maintenance of security Assessment and Authorization documentation (e.g., IA Standard Operating Procedures (SOP), SSP, MSSP, RAR, SCTM)
• Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis.
• Ensure system security measures comply with applicable government policies, provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
• Maintain thorough understanding of NIST 800-53 controls, determines controls applicable to the application, and document implementation in Security Controls Traceability Matrix (SCTM).
•  

BENEFITS:

• 40 hour work week
• Weekly payroll
• 401k company match
• medical/vision/dental plans
• 8 paid holidays, 17 PTO days a year