Information Systems Security Manager (ISSM) with Security Clearance

---

Job description

The Information Systems Security Manager (ISSM) will play a crucial role in managing, implementing, and overseeing USFF Cybersecurity (CS) programs, standards, and requirements. The ISSM will be responsible for tracking and analyzing CS standards and procedures, including policies, security requirements, audit findings, and remediation plans for vulnerabilities in support of Department of the Navy (DoN) systems, networks, and applications. Assist in the management, implementation, and oversight of USFF CS programs, standards, and requirements. Provide tracking and analysis of CS standards and procedures, including policies, security requirements, audit findings, and remediation plans for vulnerabilities. Conduct risk assessments, risk mitigation analysis, and develop contingency plans. Provide analysis, recommendations, and assist in compiling responses for cybersecurity incidents and issues (e.g., NMCI policy violations, Navy Cyber Defense Operations Command (NCDOC) reports, and USFF HQ internal findings). Assist with Information System Security Officer (ISSO) training as requested. Update USFF HQ IT inventory, including audit of records and outdated documentation addressed by the ISSO, on a bi-annual basis or as requested. Analyze and maintain the USFF Cyber Incident Response Planning process, including table-top exercises and real-world incidents as requested. Track and report on the status of USFF HQ's System Access Authorization Requests (SAARs) within the USFF Command Workflow System (CWS) weekly or as requested. Track and report on USFF HQ's DoD Cyberspace Workforce (CWF) compliance (e.g., personnel qualifications) weekly or as requested. Required Experience and Skills: Minimum of four (4) years of experience in CS analysis support, including conducting risk assessments, risk mitigation analysis, and developing contingency plans. 1-2 years of experience working in/with Vulnerability Remediation Asset Manager (VRAM). Demonstrated experience in the following areas: Knowledge of CS/INFOSEC concepts and requirements. Addressal of Computer Network Defense (CND) guidance. System/network vulnerability analysis. Risk assessment and risk mitigation analysis. Contingency planning. Firewall policy. Ports & protocols. Knowledge of the DoD Assessment & Authorization (A&A) process and standards. Risk Management Framework (RMF). Qualifications: Bachelor's degree in Computer Science, Information Technology, or a related field (preferred). DoD Cyberspace work role: Information Systems Security Manager (ISSM) (722); proficiency level: Basic in accordance with DoDM 8140 series. Relevant certifications (e.g., CISSP, CISM, CEH) are a plus. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team.

<!– job description page –>