IT Security Manager

IT Security Manager

Washington DC

Pay from: $125,000 per year

MUST:

Experience IT Security Manager

Active DoD Secret Clearance and eligible for Top-Secret SCI

10+ years of professional experience in IT Security field

3+ years of experience working as a Security Engineer

3+ years of IT management or Operations experience managing a team of 3+ people

Strong experience with ACAS or similar vulnerability scanning tools

Strong understanding of patch management and compliance; eMASS or similar tool

Well rounded security experience with understanding in performing C&A, A&A, Validator or SCA responsibilities; developing POA&Ms and documentation; vulnerability mitigations

Excellent communication skills both written and verbal

Strong interpersonal skills

High attention to detail and accuracy and very organized

Active CISSP or both CASP+ and CISM certification is required

Bachelor's Degree in relevant field

DUTIES:

The ideal candidate will work with Sr Program manager and help to oversee and manage a large, geographically dispersed, multifaceted team comprised of various cyber-security engineers; team roles include information assurance, security infrastructure engineers, and SOC analysts

Propose, coordinate, implement and enforce information systems security policies, standards, and methodologies

Coordinate with division leads and directors for investigations, insider threat, and research

Direct and coordinate actions for incident response, data collection, forensics, cleanup and reporting. Assess threat reports and threat intelligence to inform operational and policy decisions

This candidate must be willing to be hands on and provide necessary coverage/support as needed

Prioritize and manage projects in a fast-paced environment

Ensure timely completion of projects, on time and on schedule

Read and interpret STIGs, SRGs, SCAP and ACAS scan results and provide direction as necessary for audit, accreditation, project and consulting activities

Review vulnerability scans and approve associated mitigation strategies

Document strategies in Plans of Action and Milestones artifacts

Perform all required duties as ISSO for joint-force DoD agency network

Conduct and manage accreditation activities under Risk Management Framework (RMF) for multiple accreditation boundaries

Provide guidance and leadership to other team ISSOs

Lead accreditation efforts and CCRIs. Complete, test and review of RMF security controls (CCIs) as part of multiple eMASS accreditation packages

Develop artifacts to provide evidence, support, or policy guidance for compliance with each control as necessary

Conduct management and oversight of enterprise SOC team and Incident Responders. Coordinate response efforts, incident management and triage

Provide oversight of SOC activities, technologies, and strategic direction

Conduct analysis and provide recommendations on policy, design, and solutions for increasing the security of the enterprise