Information Security Systems Manager
West Chester, Pennsylvania, United States
Full Time | Mid-level / Intermediate | Clearance required | USD 52K - 123K *
Weston Solutions
Weston Solutions solves complex environmental and infrastructure engineering challenges. Our engineers and scientists are committed to sustainability.
- Manages Risk Management Framework (RMF) processes and product maintenance for assigned systems.
- Security Controls Implementation: Oversee the implementation and maintenance of security controls in accordance with the System Security Plan (SSP) and company policies.
- ATO Maintenance: Ensure assigned systems maintain their Authority to Operate (ATO) through independent security assessment and authorization.
- Access Controls Oversight: Manage access controls, ensuring proper implementation and management.
- Audit Log Review: Regularly review audit logs to identify security incidents or anomalies.
- Risk Assessment: Conduct assessments of controls to ensure proper implementation and effectiveness. Must have a strong working knowledge of the RMF process.
- Document Management: Provide requested documents to auditors, ensuring accuracy and sensitivity labeling.
- Vulnerability Management: Evaluate new vulnerabilities and coordinate corrective actions.
- Collaboration: Work closely with Security Engineers, Operations Center, and subject matter experts.
- Compliance Tracking: Track findings from vulnerability and compliance scans in the Corrective Action Plan (CAP) and manage them in the Cyber Security Assessment and Management (CSAM) system.
- Manages and performs security compliance continuous monitoring.
- CMMC/CUI Support: Help with procedures, evidence, and testing compliance for the Cybersecurity Maturity Model Certification requirements for Controlled Unclassified Information (CUI).
- Capable of researching regulations and making applicability determinations.
- Minimum of 5 years in information security roles, including ISSM or ISSO responsibilities.
- Candidate must be a U.S. citizen and possess an active DoD Secret Clearance at a minimum.
- Bachelor’s degree in a related field (preferred).
- CISSP, CISM, or other relevant certifications (preferred).
- Familiarity with basic PC troubleshooting, configuration, and system maintenance.
- Ensure compliance with NISPOM, DAAPM, and other applicable regulations.
- Familiarity with routing protocols.
- Knowledge of security impact assessments.
- eMASS experience.
- ATO package development, including generating security documentation for requirements, security control assessment, STIG and SCAP tools Standard Operating Procedures, test results, etc.
- Strong communication and collaboration abilities.
- Attention to detail and analytical thinking.
- Ability to work independently and as part of a team.
- Medical, Dental, Vision, 401K with base and matching employer stock contributions.
- Paid time off includes personal, holiday and parental leave.
- Life and disability plans.
- Critical illness and accident plans.
- Work/Life flexibility.
- Professional development opportunities.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISM CISSP Clearance CMMC Compliance DAAPM DoD eMASS Monitoring NISPOM Risk assessment Risk management RMF SCAP Security assessment System Security Plan Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Career development Equity / stock options Health care Medical leave Parental leave Startup environment