MetroStar

Information Systems Security Manager (5229)

MetroStar Washington, DC

As Information Systems Security Manager, you’ll be responsible for developing and implementing security policies, protocols, and procedures to protect an organization's information systems from cyber threats. You will also oversee security audits, risk assessments, and incident response to ensure data integrity, confidentiality, and compliance with regulatory standards.

We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers.

If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

What you’ll do:

  • Support the PM and DPM in executing the project.
  • Ensure that all IT systems are compliant with NIST, FISMA, and other governmental security requirements.
  • Lead the development and implementation of the System Security Plan (SSP) and all associated documentation required for the RMF Assessment and Authorization process.
  • Collaborate closely with Authorizing Officials' representatives, stakeholders, and subject matter experts to gather the necessary information and ensure compliance with all applicable security policies and guidelines.
  • Play a crucial role in managing, developing, and executing the continuous monitoring plan to ensure all FISMA systems remain compliant by actively participating in the IT change management process. Assess and provide mitigation recommendations for potential security risks associated with system changes.
  • Coordinate and collaborate with system owners and information owners to ensure seamless and secure implementation of changes to the system. This includes coordinating change management processes, assessing potential security or privacy impacts, and working towards effective resolutions.
  • Conduct thorough assessments of the security or privacy impact resulting from system changes, considering factors such as data sensitivity, access controls, confidentiality, integrity, and availability. Provide recommendations and guidance for mitigating any identified risks or vulnerabilities.
  • Collaborate with cross-functional teams and subject matter experts to identify, evaluate, and implement security controls and measures necessary to maintain the security posture of the system(s).
  • Provide expert guidance and support to project teams regarding security requirements and controls during system development, integration, and maintenance phases.
  • Coordinate with cross-functional teams to ensure that security controls are integrated seamlessly into system architectures and configurations.
  • Collaborate with Department of State and/or external auditors and assessors during security assessments and audits, addressing any findings and facilitating the timely resolution of identified issues.
  • Manage the Plan of Actions and Milestones (POA&M) process, ensuring that identified security weaknesses and vulnerabilities are promptly documented, tracked, and remediated.
  • Collaborate with relevant teams and stakeholders to prioritize and address items on the POA&M, ensuring timely remediation actions are taken to maintain the security posture of the systems.

What you’ll need to succeed:

  • You have an active TS/SCI clearance.
  • BS degree in Computer Science or another IT-related field, Cyber, or Information Assurance, OR 10+ years of experience as an ISSO in lieu of a Bachelor’s degree.
  • CISSP certification is required.
  • Minimum of 5 years of progressive management experience.
  • At least 10 years of hands-on experience in developing and implementing the RMF framework and A&A processes, specifically focused on developing SSP packages for achieving ATO for FISMA systems.
  • Ability to prepare management, business, technical, and personnel reports, reviews, and documents for internal and external use.
  • Broad range of knowledge and experience with Security and System Architecture.
  • Understanding of, and experience applying, industry security policies, regulations, and guidelines such as NIST, FISMA, and SANS Top 20 controls, etc.
  • Knowledge of change control and change management processes, project management, Enterprise Architecture frameworks, SDLC, and Security Policy.
  • Experience working with internet, web, application, and network security techniques.
  • Experience working with relevant operating system security (Windows, Solaris, Linux, etc.).
  • Strong analytical and problem-solving skills to troubleshoot and resolve security issues.
  • Ability to perform and interpret vulnerability assessments.
  • Ability to balance and prioritize work and work in a team environment.
  • Experience with the Federal government, preferably with the Department of State or DHS.

Like we said, we are big fans of our people. That’s why we offer a generous benefits package, professional growth, and valuable time to recharge. Learn more about our company culture code and benefits. Plus, check out our accolades.

Don’t meet every single requirement?

Studies have shown that women, people of color and the LGBTQ+ community are less likely to apply to jobs unless they meet every single qualification. At MetroStar we are dedicated to building a diverse, inclusive, and authentic culture, so, if you’re excited about this role, but your previous experience doesn’t align perfectly with every qualification in the job description, we encourage you to go ahead and apply. We pride ourselves on making great matches, and you may be the perfect match for this role or another one we have. Best of luck! – The MetroStar People & Culture Team

What we want you to know:

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

MetroStar Systems is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The statements herein are intended to describe the general nature and level of work being performed by employees and are not to be construed as an exhaustive list of responsibilities, duties, and skills required of personnel so classified. Furthermore, they do not establish a contract for employment and are subject to change at the discretion of MetroStar Systems.

Not ready to apply now?

Sign up to join our newsletter here.

"EEO IS THE LAW MetroStar Systems, LLC (MetroStar) invites any employee and/or applicant to review the Company’s Affirmative Action Plan. This plan is available for inspection upon request by emailing msshr@metrostar.com."
  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Information Technology
  • Industries: IT Services and IT Consulting
