ISCM Program Manager/SME

Job Description

Relevant certifications (e.g., CISSP, CISM), experience with ISCM/CDM, and DOE or similar federal agency work.

Should possess a DOE L or Secret clearance

25% travel every month

Roles/Responsibilities:

• The Program Manager leads the effort to establish, implement and maintain an Information Security Continuous Monitoring (ISCM) Program. ISCM is a key initiative which helps to improve the cybersecurity posture of federal information systems through continuous, real-time monitoring and is overseen by the Department of homeland Security (DHS) and their Continuous Diagnostic and Mitigation (CDM) Program.
• The ISCM program Manager oversees a team of cybersecurity professionals who provide continuous, real-time monitoring of our customer's information systems and network infrastructure to ensure confidentiality, integrity, and availability of data and to detect and respond to cybersecurity threats and vulnerabilities in a timely manner.
• Candidates must have experience meeting federal cybersecurity requirements including FISMA, NIST SP-800-53r5 and NIST SP 800-137.
• Primary responsibilities of the Program Manager include the following;
  • Research continuous monitoring methods and tools.
  • Develop strategies for Enterprise ISCM approaches that meet Federal requirements.
  • Propose improvements to the existing ISCM Program and its related documentation.
  • Collaborate with the customer to develop project plans and resources to support the ISCM Program and CDM Program.
  • Promote the implementation of continuous monitoring programs and initiatives throughout the customer environment.
  • Work with cybersecurity groups and technical teams throughout Enterprise to implement the DHS CDM Program.
  • Participate in DHS CDM Working Groups (WGs).
  • Provide subject matter expertise throughout the Enterprise to bolster the customer's continuous monitoring capabilities.
  • Track the progress of DHS CDM Program implementation throughout the Enterprise
  • Develop metrics to evaluate the Enterprise implementation of the CDM program and provide detailed analyses of the results.
  • Provide executive-level briefings and reports on continuous monitoring programs and initiatives.
  • Support the preparation and justification of budget and fiscal execution of the program as it relates to meeting requirements, return on investment, value, and outcome.

Ideal candidate demonstrates experience with:

• Implementing continuous monitoring tools across all systems, networks and endpoints.
• Ensuring real-time detection of threats and anomalies through a set of integrated security tools.
• Deploying automated vulnerability scanning tools to identify and prioritize vulnerabilities.

• Establishing an automated process for incident detection, containment and mitigation.
• Continuously monitor and enforce compliance with cybersecurity standards (e.g. FISMA, NIST, etc.)
• Development of dashboards and metrics.
• Development of ISCM Handbook for processes and procedures pertaining to the management of ISCM and CDM programs.

Additional Information

All your information will be kept confidential according to EEO guidelines.