KBR, Inc.

Information System Security Manager – ISSM

full-time

Location Type: Hybrid

Location: Washington • Alabama, Maryland, Virginia, Washington • 🇺🇸 United States


Salary

💰 $160,000 - $190,000 per year

Job Level

Junior, Mid-Level

Tech Stack

Cyber Security, TypeScript

About the role

  • Provide cybersecurity and Risk Management Framework (RMF) support to systems and applications for the Test Resource Management Center (TRMC).
  • Work with military, government, and contractor personnel to provide technical and policy direction grounded in Department of Defense (DoD) policy, and act as the Subject Matter Expert (SME) with the cybersecurity domain and lead ISSOs.
  • Deliver documentation, including executive-level briefings, assessments, self-assessments, RMF packages, and supporting RMF documentation
  • Review cybersecurity tool reports (ACAS, HBSS) for reporting and compliance purposes
  • Develop software certification packages
  • Work directly with the TRMC SISO on all TRMC RMF packages and ATO Status updates
  • Support security engineering projects and solution delivery
  • Lead security audit and compliance activities for each system under your responsibility
  • Audit all artifacts provided in each RMF package to determine system readiness for ATO packet submissions
  • Provide recommendations to the SISO, PM, and AO regarding remediation and mitigation of identified vulnerabilities on test reports and plan of action and milestones (POA&Ms).
  • Monitor system status updates and report to senior leadership, including monthly executive reports, vulnerability reports, and JFHQ DODIN reporting and briefing
  • Deliver a monthly executive briefing to the SISO and PM on security metrics
  • Interface with PMs and the SISO on issues needing input/concurrence
  • Draft and present RMF deliverables to senior leadership
  • Attend Executive Program Reviews as the ISSM
  • Work with outside agencies on Memorandums of Understanding / Interconnection Service Agreements and other senior-level agreements
  • Work directly with a distributed team to reduce travel
  • Travel 25% of time

Requirements

  • TS/SCI required
  • A minimum of 2 years of Information Technology, Information Assurance, or Cyber Security engineering experience.
  • A minimum of 2 years of experience conducting security assessments by reviewing security controls with the ISSO/ISSM and guiding programs through the RMF process.
  • Bachelor’s Degree in Engineering, Computer Science, or 8 years IT field experience in lieu of degree; Master’s Degree preferred
  • Proven expertise in assessing security controls in accordance with NIST Special Publications (i.e., NIST 800 Series)
  • Proven in-depth knowledge of cybersecurity principles, technologies, and processes.
  • Experience with NIST 800-53, Security Development
  • Familiarity with performing assessments for Unclassified and Classified environments
  • Ability to adapt to process changes
  • Ability to interface with senior leadership
  • Ability to support high visibility or high priority projects
  • Possession of excellent oral and written communication skills.

Benefits

  • Health insurance
  • 401(k) matching
  • Paid time off
  • Flexible work arrangements
  • Professional development opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
cybersecurity, Risk Management Framework (RMF), security assessments, security controls, NIST 800 Series, NIST 800-53, software certification, vulnerability reporting, security engineering, compliance activities
Soft skills
communication skills, leadership, adaptability, interpersonal skills, organizational skills, problem-solving, team collaboration, executive briefing, policy direction, recommendation skills
Certifications
TS/SCI, Bachelor’s Degree in Engineering, Bachelor’s Degree in Computer Science, Master’s Degree in relevant field