The ISSM’s primary function serves as a principal advisor on all matters, technical and otherwise, involving the security of information systems under their purview
Primary support will be working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense, and Military Compartment efforts
Perform oversight of the development, implementation and evaluation of information system security program policy with emphasis placed on integration of existing SAP network infrastructures
Develop and oversee operational information systems security implementation policy and guidelines of network security, based upon the Risk Management Framework (RMF)
Advise customer on Risk Management Framework (RMF) assessment and authorization issues
Perform risk assessments and make recommendations to DoD agency customers
Advise government program managers on security testing methodologies and processes
Evaluate authorization documentation and provide written recommendations for authorization to government PMs
Develop and maintain a formal Information Systems Security Program
Ensure that all IAOs, network administrators, and other cyber security personnel receive the necessary technical and security training to carry out their duties
Develop, review, endorse, and recommend action by the AO or DAO of system assessment documentation
Ensure that all procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
Develop and execute security assessment plans that include verification that the features and assurances required for each protection level functioning
Maintain a repository for all system authorization documentation and modifications
Institute and implement a Configuration Control Board (CCB) charter
Develop policies and procedures for responding to security incidents, to include investigating and reporting security violations and incidents
Ensure that data ownership and responsibilities are established for each authorization boundary, to include accountability, access rights, and special handling requirements
Ensure development and implementation of an information security education, training, and awareness program
Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed
Assess changes in the system, its environment, and operational needs that could affect the authorization

Requirements

7+ years of related experience
US Citizenship Required
Bachelor’s degree in related discipline OR Associate’s degree in a related area + 2 years’ experience OR equivalent experience (4 years)
Certifications: IAT Level 3 (CISSP, CASP+ CE, CCNP Security, CISA, etc.) or IAM Level 3

Benefits

📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

information systems securityrisk management frameworksecurity assessmentnetwork securitysecurity testing methodologiessecurity incident responseconfiguration controlsecurity program policy developmentthreat assessmentvulnerability evaluation

Soft Skills

advisory skillscommunicationorganizational skillstraining and mentoringanalytical skillsproblem-solvingrecommendation developmentcollaborationattention to detailleadership

Certifications

CISSPCASP+ CECCNP SecurityCISAIAT Level 3IAM Level 3