Information System Security Manager

Company: Criticalfrequency
Location: Orlando
Posted on: November 1, 2024

Job Description:

Critical Frequency Design is an aerospace and defense communications company specializing in optoelectronics for Next Generation Communication and Sensor systems. At Critical Frequency Design, we specialize in expediting solutions from concept to qualified product so that the warfighter can be provided with tomorrow's solutions today. Critical Frequency Design's Microwave Photonic, Free Space Optics and Open Systems products are being brought to the market by experienced business leaders and world-renowned scientists in a creative and agile environment. The company is a rapidly growing engineering business located on the Space Coast in Melbourne, FL.Critical Frequency Design is seeking a talented individual for an Information System Security Manager (ISSM) position. The ISSM is responsible for the planning, developing, executing, and maintaining of CFD's unclassified and classified networks to meet our growing Information Technology needs including the security requirements.The ISSM is responsible for applying Information System (IS) security principles, practices, and procedures under the Risk Management Framework (RMF) to maintain compliance with applicable security regulations, such as NIST, CMMC, CNSSI, and NISPOM, governing the development and management of classified information systems. This position will be responsible for managing the program's overarching security effort and representing the program to the sponsor's security organization. This position requires the ISSM to be a strong advocate for integrating security into front-end requirements and overseeing the implementation and sustainment of security controls in all stages of the program lifecycle.The ISSM is responsible for interfacing and managing our IT Managed Service Provider (MSP) to meet CFD's current and new IT infrastructure for our unclassified network. Additionally, the ISSM will work as either the Facility Security Officer or the Alternate Facility Security Officer.The ISSM responsibilities will include, but are not limited to:

• Interface and manage IT Managed Service Provider
• Create and maintain information security related documentation
• Implement, maintain, and monitor security controls
• Advise developers on integrating security requirements
• Achieve and maintain Authorization to Operate classified information systems
• Coordinate with sponsor and corporate security organization
• Oversee Continuous Monitoring program
• Maintain operational security posture for information systems
• Provide security related training and guidance to program management and staff
• Maintain eligibility for personal security clearance
• Perform duties as either Facility Security Officer or Alternate Facility Security Officer
• Perform other duties as assignedQualificationsThe candidate must possess the below minimum qualifications to be initially considered for this position. Preferred qualifications are in addition to the minimum requirements and are considered a plus factor in identifying top candidates.Minimum Qualifications:
  • Ability to obtain a Top Secret/SCI clearance
  • IAM Level III certification in accordance with DoD 8570.01M, such as CISSP.
  • Understanding of NIST 800 series, CNSSI 1253, NISPOM Chapter 8, and related publications
  • Understanding CMMC requirements and plans
  • Ability to perform risk assessment and risk management for unclassified and classified information systems
  • Familiarity with the RMF process and experience in drafting RMF documentation
  • Experience in implementing and monitoring technical, administrative, and operational security controls
  • Ability to maintain organized and complete records
  • Ability to manage
  • Ability to prioritize competing demands and complete tasks on schedule
  • The successful candidate must have previous experience with classified information system security management, network and/or system administration, network and/or system engineering, and the RMF process. A successful candidate will have experience in the assessment and authorization of classified information systems. The candidate must also hold a high-level Security or Information Technology related certification and have demonstrated experience applying certification related skills.Preferred Qualifications:
    • Collaborating in a team environment
    • Familiarity with the Xacta or DCSA eMass systems
    • Security Technical Implementation Guides (STIGs)
    • Information Assurance Vulnerability Alerts (IAVAs)
    • Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
    • Cloud Security concepts
    • MS Windows Server - Group Policy Objects
    • MS Windows Server - Active Directory
    • MS Windows Server - System Administration
    • Reviewing MS Windows security event logs
    • Use of scanning tools and interpreting results
    • Security incident management
    • Working with hardware and software vendors
      #J-18808-Ljbffr

Keywords: Criticalfrequency, Port Orange , Information System Security Manager, IT / Software / Systems , Orlando, Florida