Jul 21, 2022

Job ID 2022-5068 Information System Security Manager (ISSM)

  • OBXtek
  • Randolph AFB, TX, USA
Full-Time Defense Engineering Government Information Technology Legal Program Management Information technology

Job Description

Job ID 2022-5068

Responsibilities

OBXtek is currently staffing for n Information System Security Manager (ISSM) to support Air Education and Training Command (AETC) and provide expertise is in direct support of learning and data management for Force Development (FD) Recruit, Train, and Educate (RT&E) systems and will perform work as part of a government-led multi-functional team.

Primary cybersecurity technical advisor to the Authorizing Official (AO), PM, and Information System Owners (ISO). The ISSM will serve as a member of any appropriate Configuration Control Boards or steering groups to address cybersecurity and DoD Risk Management Framework (RMF) issues as determined by HQ AETC A3G Information Systems Cybersecurity Office (ISCO), Principle Cybersecurity Advisor. Responsible for successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals. Provides expert guidance and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities. Support necessary compliance activities and define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate. Familiar with all applicable Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST), Department of Defense, and Air Force cybersecurity strategy, policy, directives, technical orders, task orders, operational orders, and guidance as identified, but not limited to, in the DoD Cybersecurity Chart and understand and use AF prescribed resources and tools.

Rresponsibilities:

Ensure the integration of cybersecurity into, and throughout the lifecycle of the Information Technology (IT), on behalf of the AO and IAW DoD Instruction (DoDI) 8500.01 and Air Force Instruction (AFI) 17-130. Core duties/requirements includes:

- Monitors and maintains the cybersecurity program in support of AETC Learning Services and all associated mission systems under the control of AETC A3G.

- Provides guidance to A3G mission system program teams in coordination with the applicable base Wing Cybersecurity Office (WCO) and/or MAJCOM Cybersecurity Office.

- Proficient with the Cybersecurity Framework IAW AFI 17-130. Performs the 5 core functions of Identify, Protect, Detect, Respond, & Recover to assist in managing cybersecurity risk.

- Knowledgeable with and provides guidance to AETC/A3G on DoD and Air Force Communications Security (COMSEC), Computer Security (COMPUSEC), TEMPEST, Remanence Security (REMSEC), Bring Your Own Approved Device (BYOAD), Identity Control and Access Management (ICAM), Incident Response (IR), Ports, Protocol, and Services Management (PPSM), and DoD Cloud Computing programs and requirements.

- Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides / security requirement guides) and proper configuration management procedures are followed prior to implementation and contingent upon required approval by the Government.

- Ensure all AF IT cybersecurity-related documentation is current and accessible to properly authorized individuals IAW Air Force Instruction (AFI) 17-101. All documentation produced by the Contractor must be provided on the dates specified, in an approved format and IAW applicable DoD or Air Force guidance or directives.

- Support the PM or ISO in maintaining current Authorization to Operate (ATO), and Approval to Connect (ATC). The Contractor shall support the PM or ISO in implementing corrective actions identified in the plan of actions and milestones. Perform all Risk Management Framework (RMF) for AF Information Technology (IT) steps as identified in AFI 17-101 for new and existing A3G mission systems as required. Coordinate with the applicable Authorizing Official (AO) staff on all issues affecting mission system's established security posture and/or ATO.

- Coordinate with the PM and AO staffs for the development of an ISCM strategy and monitor any proposed or actual changes to the system and its environment. Monitor the IT and environment daily, during scheduled work days, for security-relevant events, assess proposed configuration changes for potential impact to the cybersecurity posture, and assess the quality of security controls implementation against performance indicators. Ensures cybersecurity-related events or configuration changes that impact AF IT authorization or adversely impact the security posture are formally reported to the AO and other affected parties, such as Information Owners (IOs) and stewards and AOs of interconnected IT.

- Ensure all privileged users comply with AFMAN 17-1301, AFMAN 17-1303 and AETC Learning Services policy and maintain proper clearances IAW DoDI 8500.01. Validate all users have the requisite security clearances and need-to-know, complete annual cybersecurity training, and are aware of their responsibilities before being granted access to the IT according to AFMAN 17-1301. Maintain all authorized user access control documentation IAW the applicable AF Records Information Management System.

Qualifications

Must possess and maintain required DoDD 8570.01 IAM level III certifications, 5+ years as an ISSM. Must be a U.S. citizen with a current secret security clearance (required). Bachelor's degree in Computer Science or related degree and DoD experience highly desired.

Security Clearance

Secret

Company Information

COVID Policy: Prospective and/or new employees will be required to adhere with OBXtek's vaccination policy. Full vaccination will be required and verified before the start of employment unless an accommodation request is approved. Employees working onsite at a customer location must comply with customer vaccination requirements which may include any or all the following: social distancing, masks, mandatory statements regarding one's vaccination status and mandatory testing .

Headquartered in McLean, Virginia and founded in 2009, OBXtek is a fast-growing leader in the government contracting field. Our mission is Our People...Our Reputation. Our people are trained professionals who enhance our customers' knowledge and innovation using technology, collaboration, and education.

We offer a robust suite of benefits including comprehensive medical, dental and vision plans, Flexible Spending Accounts, matching 401K, paid time off, tuition reimbursement plans and much more.

As a prime contractor for 93% of our current work, OBXtek pairs lessons learned across disciplines with industry standard quality practices such as CMMI-Dev Level III, ITIL, 6Sigma, PMI, and ISO. Our rapid growth has been recognized by INC500, the Washington Business Journal, and Washington Technology magazine.

OBXtek is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, gender identity, disability, veteran status, sexual orientation or any other classification protected by federal, state or local law.

Occupations

Program Management

States

TX

Security Clearance

Active Secret

Apply Now