Job description
Information Systems Security Manager
George Mason University’s Office of Research Integrity and Assurance (ORIA), invites well-qualified candidates to apply for the position of Information Systems Security Manager (ISSM) as part of the expansion of national security research in the College of Engineering and Computing (CEC)’s Rapid Prototyping Research Center (RPRC) located in Springfield, Virginia. George Mason University has a strong institutional commitment to the achievement of excellence and diversity among its faculty and staff, and strongly encourages candidates to apply who will enrich Mason’s academic and culturally inclusive environment.
About the Position:
The Information Systems Security Manager (ISSM) will primarily be responsible for (1) supporting the development, implementation, and maintenance of DoD Risk Management Framework (RMF) / NIST 800-53 and NIST 800-171 and CMMC accredited systems; (2) supporting continuous security monitoring of those systems; (3) maintaining system accreditation documentation in DoD System tracking databases (e.g. eMASS); and (4) supporting regular security inspections (e.g. CCRIs).
The ISSM will work onsite at the RPRC in Springfield, Virginia supporting Mason’s growing portfolio of classified programs. The ISSM will report to the Director of Export Compliance and Secure Research. The ISSM will primarily focus on the security of systems maintained and operated by CEC’s RPRC.
Responsibilities:
George Mason University’s Office of Research Integrity and Assurance (ORIA), invites well-qualified candidates to apply for the position of Information Systems Security Manager (ISSM) as part of the expansion of national security research in the College of Engineering and Computing (CEC)’s Rapid Prototyping Research Center (RPRC) located in Springfield, Virginia. George Mason University has a strong institutional commitment to the achievement of excellence and diversity among its faculty and staff, and strongly encourages candidates to apply who will enrich Mason’s academic and culturally inclusive environment.
About the Position:
The Information Systems Security Manager (ISSM) will primarily be responsible for (1) supporting the development, implementation, and maintenance of DoD Risk Management Framework (RMF) / NIST 800-53 and NIST 800-171 and CMMC accredited systems; (2) supporting continuous security monitoring of those systems; (3) maintaining system accreditation documentation in DoD System tracking databases (e.g. eMASS); and (4) supporting regular security inspections (e.g. CCRIs).
The ISSM will work onsite at the RPRC in Springfield, Virginia supporting Mason’s growing portfolio of classified programs. The ISSM will report to the Director of Export Compliance and Secure Research. The ISSM will primarily focus on the security of systems maintained and operated by CEC’s RPRC.
Responsibilities:
- Serve as an ISSM for multiple systems, and ensure system processes are being followed by all personnel including privileged users;
- Create and maintain System Security Plans, Security Control Traceability Matrixes, Plan of Actions and Milestones, and all other RMF documentation required for supported systems;
- Review and evaluate RMF packages from outside organizations to provide input and recommendations to Authorizing Official;
- Perform Security Content Automation Protocol Compliance Checker scans to ensure configurations are in accordance with latest Defense Information Systems Agency Security Technical Implementation Guides;
- Perform Nessus Security scans to ensure all known vulnerabilities are mitigated or documented within a system Plan of Actions and Milestones;
- Interface with external entities with regards to maintaining the authorization of existing infrastructures;
- Perform system audits on multiple platforms and implement processes and technologies that help highlight anomalies that can be evaluated to ensure confidentiality, integrity, and availability are not compromised;
- Maintain strong security posture of all supported infrastructures; and
- Perform other duties as assigned.
Required Qualifications:
- Master’s degree in an Engineering, Computing, or closely related field; or equivalent combination of education and experience;
- US citizenship;
- At a minimum, an Interim SECRET clearance;
- Demonstrated experience working in information or cyber security roles that align with the job requirements of an Information Systems Security Manager (ISSM) as described in the Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM) Section 3.6.;
- Demonstrated experience working in information technology;
- Knowledge and experience with the DCSA Risk Management Framework (RMF);
- Excellent communication skills (speaking, writing, and listening) including the ability to provide feedback constructively and write and review technical documentation, security policies, plans, and procedures;
- Experience cultivating relationships by working collaboratively and respectfully with colleagues; and
- Strong organizational skills working in a multi-tasking environment, and the capacity to track and manage multiple technical artifacts and tasks in parallel.
Preferred Qualifications:
- Three (3) years of demonstrated experience working in information or cyber security roles that align with the job requirements of an Information Systems Security Manager (ISSM) as described in the Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM) Section 3.6.;
- Five (5) years of demonstrated experience working in information technology;
- DoD 8570 Information Assurance Management (IAM) Level III Certification (CISSP, CISM, GSLC, or CCISO);
- DoD 8570 Information Assurance Technical (IAT) Level III Certification (CASP+ CE, CCNP Security, CISA, CISSP, GCED, GCIH);
- Strong technical skills working with different networking components, operating systems, and IT devices;
- Experience working with various security tools, such as Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP) Compliance Checker (SCC), vulnerability scanners (Nessus), and auditing tools (Splunk);
- Experience in accrediting information systems through the DCSA RMF and maintaining an Approval to Operate (ATO);
- Experience with the Enterprise Mission Assurance Support Service (eMASS); and
- Completed the DAAPM Section 3.6 ISSM required training in the Center for Development of Security Excellence (CDSE).
For full consideration, applicants must apply at
https://jobs.gmu.edu/; complete and submit the online application; and upload a cover letter, resume, and a list of three professional references with contact information.
For Full Consideration, Apply by: 05/19/2023
seankuhnke.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, seankuhnke.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, seankuhnke.com is the ideal place to find your next job.