Job Title: Information Systems Security Manager (ISSM)/COMSEC Custodian

Job Code: 17148

Job Location: Fall River, MA

Schedule: 9/80

Active DOD Secret Security Clearance Required for consideration

Job Description:

L3Harris Fall River, MA, is seeking a program specific Information System Security Manager (ISSM) in support of Department of Defense programs. Duties for successful candidates include, but are not limited to reviewing and developing information system accreditation/certification support documentation; interacting with customers when changes occur that may affect the information system accreditation/certification; performing system and network self-inspections; identifying information system vulnerabilities and implementing countermeasures.

Responsibility for program policy creation/update; maintaining information system security records. The ISSM will provide assistance on IT and information system security issues that may affect the mission of the customer. This position works under the direction of the Facility Security Officer (FSO).

• Develop and conduct risk assessment procedures for verification of RMF/Assessment and Authorization (A&A) safeguards to meet various regulatory requirements based upon JSIG and NIST 800 series (800-53, 800-171 etc.) guidelines.
• Author and provide oversight of various artifacts supporting RMF package artifacts to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Actions & Milestones (POA&M), Continuous Monitoring (ConMon) Plan, CONOPS, and other RMF BoE artifacts.
• Coordinate with internal/external partners to establish system security designs and validate compliance requirements.
• Responsible for analyzing and/or administering security controls for information systems.
• The selected candidate will act as a member of a diverse security team and participate in Engineering and Configuration Review Boards and Working Groups to develop secure system solutions.
• Monitor IA Program compliance by performing periodic self-inspections, tests and reviews of the IS to ensure that systems are operating as authorized/accredited and that conditions have not changed.
• Configuration of change management processes (hardware/software, account Management, Disposition, Assured File Transfers (AFT) and related documentation in accordance with policies and procedures.
• Review audit data of the IS and IS components (technical & physical) for anomalous or unauthorized activities.
• Participate in documenting and publishing security related workflows and procedures to mitigate vulnerabilities and recommend changes to system or system components.
• Conduct Cybersecurity training, briefings, and presentations for multiple levels of business.
• Provide leadership and oversight to ISSOs.
• Participate in interdepartmental projects and provides council on Cybersecurity policies and procedures.

The candidate will be responsible for managing electronic keying material and Controlled Cryptographic Items (CCI) material for an Air Force and National Security Agency Account, from inception through destruction. Including but not limited to the receipt, transfer, inventory, accounting, and destruction of CCI and cryptographic material. In addition, if selected the candidate may perform a variety of additional tasks to include physical security, global security operations center, and personnel security as needed. This position works under the direction of the Facility Security Officer (FSO).

Essential Functions:

L3Harris Fall River, MA, is seeking a program specific Information System Security Manager (ISSM) in support of Department of Defense programs. Duties for successful candidates include, but are not limited to reviewing and developing information system accreditation/certification support documentation; interacting with customers when changes occur that may affect the information system accreditation/certification; performing system and network self-inspections; identifying information system vulnerabilities and implementing countermeasures.

Responsibility for program policy creation/update; maintaining information system security records. The ISSM will provide assistance on IT and information system security issues that may affect the mission of the customer.

• Develop and conduct risk assessment procedures for verification of Risk Management Framework safeguards to meet various regulatory requirements based upon DAAPM and NIST 800 series (800-37, 800-53, 800-61, etc) guidelines.
• Author and provide oversight of various artifacts supporting RMF package artifacts to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Actions & Milestones (POA&M), Continuous Monitoring (ConMon) Plan, CONOPS, and other RMF BoE artifacts.
• Coordinate with internal/external partners to establish system security designs and validate compliance requirements.
• Responsible for analyzing and/or administering security controls for information systems.
• The selected candidate will act as a member of a diverse security team and participate in Engineering and Configuration Review Boards and Working Groups to develop secure system solutions.
• Monitor IA Program compliance by performing periodic self-inspections, tests and reviews of the IS to ensure that systems are operating as authorized/accredited and that conditions have not changed.
• Configuration of change management processes (hardware/software, account Management, Disposition, Assured File Transfers (AFT) and related documentation in accordance with policies and procedures.
• Review audit data of the IS and IS components (technical & physical) for anomalous or unauthorized activities.
• Participate in documenting and publishing security related workflows and procedures to mitigate vulnerabilities and recommend changes to system or system components.
• Conduct Cybersecurity training, briefings, and presentations for multiple levels of employee population.
• Participate in interdepartmental projects and provides council on Cybersecurity policies and procedures.
• Ability to obtain and maintain any additional clearances as required.
• Up to 10% travel may be required.

The candidate will be responsible for managing electronic keying material and Controlled Cryptographic Items (CCI) material for an Air Force and National Security Agency Account, from inception through destruction. Including but not limited to the receipt, transfer, inventory, accounting, and destruction of CCI and cryptographic material. In addition, if selected the candidate may perform a variety of additional tasks to include physical security, global security operations center, and personnel security as needed. 

Qualifications:

• Active DoD Secret clearance which requires U.S. Citizenship
• Bachelor’s Degree in Cybersecurity or similar and minimum 6 years of prior relevant experience. Graduate Degree and a minimum of 4 years of prior related experience. In lieu of a degree, minimum of 10 years of prior related experience.
• Relevant experience with Windows 10 and 11 operating systems and other related peripherals.
• Experience using Microsoft Office products.
• Experience with RMF/Assessment and Authorization (A&A) safeguards to meet various regulatory requirements
• Security + or DD8570 equivalent or higher certification or Completion/Certification of KMI Training Course
• Experience performing COMSEC Activities such as audits and inventories
• Experience interpreting and applying NSA COMSEC security policies

Preferred Additional Skills:

• Experience with SPLUNK, Security Center/Nessus, and other software/systems
• Experience with configuration/certification and auditing/analysis of Windows, Linux, UNIX systems to include stand-alone IS, peer-to-peer networks, LANs/WANs and interconnections.
• Experience with applying, searching, leveraging SCAP and STIGs
• Demonstrate excellent organizational, decision-making, and problem-solving skills.
• Experience with technical configuration standards relating to information system security.
• Well versed in risk management, mitigation, and customer service.
• Excellent team leadership skills, with experience leading and collaborating in a multi-disciplinary, diverse, and dynamic team environment.
• Excellent communication skills (written, verbal, & presentation)
• IAM Level II or III Certification (Sec +, CISSP, CISM etc.)
• Knowledge with the handling and configuration of End Cryptographic Units and fill devices (i.e. AN PYQ-10 (SKLs), KIK 11, KG 250/250X, KG 255X, and KG 175D/175G
• Knowledge of NSA Distributed INFOSEC Accounting System (DIAS)
• Knowledge of Over the Air Transfer’s/Over the Air Rekeying (OTAT and OTAR),SCIP Device Management (VIPER, STE, OMNI) and USAF Cryptographic Access Program.
• Experience of working in a team environment
• Ability to work with minimal supervision
• Great attention to detail and a high degree of accuracy