Information System Security Manager (ISSM)

At Agile Defense we know that action defines the outcome and new challenges require new solutions. That’s why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.
Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility—leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation’s vital interests.
Requisition #: 562
Job Title: Info Sys Sec Mgr
Location: 661 Washington Blvd Ft. Sam Houston, Texas78234
Clearance Level: Active DoD - Secret
Required Certification(s): ·       MA/MS BA/BS in relevant field·       IAM Level II Certification
SUMMARYThe Information System Security Manager shall support the Arny Medical Center of Excellence (MEDCOE) team in the full RMF Lifecycle for several on-prem environments, including any RMF requirements related to information owners migrations.  The Mission of MEDCoE: MEDCoE develops leaders, drives change, and synchronizes Army Medicine′s DOTmLPF-P (Doctrine, Organization, Training, Materiel, Leadership and Education, Personnel, Facilities and Policy) domains in order to enable the Joint Force to win the Nation′s wars; when directed, executes mobile training to generate readiness for the operating force.  The Vision of MEDCoE To be the foundation on which Army Medicine is built, sustained and transformed.As an Information System Security Manager, you will play a critical role in ensuring the security posture of our organization's information systems. Your responsibilities include continuous coordination with cybersecurity personnel, meeting training and certification requirements, and enforcing cybersecurity policies and procedures. You will maintain situational awareness, initiate actions to improve or restore security postures, and implement protective measures for cybersecurity incidents. Ensuring that all users have the necessary security clearances and training, maintaining current and accessible cybersecurity documentation, and conducting regular security evaluations are also key aspects of this role.

JOB DUTIES AND RESPONSIBILITIES·       Continuous Coordination: Ensure continuous coordination with organizational cybersecurity personnel for systems that are demonstrated, tested, or fielded. ·       Training and Certification: Meet the training and certification requirements of DA Pam 25–2–6 for IAM I, IAM II, or IAM III, if also working as the ISSM for the organization. The category and level depend on the functions performed, per DOD 8570.01–M. ·       Operational Security Posture: Maintain the appropriate organizational operational security posture for assigned Army IS. ·       Situational Awareness: Maintain organizational situational awareness and initiate actions to improve or restore the cybersecurity posture of assigned Army IS. ·       Assist ISSMs: Assist the ISSMs in meeting their duties and responsibilities and initiate protective measures for cybersecurity incidents. ·       Policy Implementation: Implement and enforce assigned Army IS cybersecurity policies and procedures, as defined by cybersecurity-related documentation. ·        User Clearance and Training: Ensure users for Army ISs under the ISSO’s purview have the requisite security clearances and access authorization and are aware of their cybersecurity responsibilities before being granted access to those systems. Ensure users receive initial and annual cybersecurity awareness training.·       Protective Measures: In coordination with the ISSM, initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered or reported. ·       Documentation Management: Ensure Army IS cybersecurity-related documentation is current and accessible to properly authorized individuals. ·       IAVM Procedures: Ensure implementation of IAVM dissemination, reporting, and compliance procedures. ·       System Security Plans: Prepare, distribute, and maintain plans, instructions, and SOPs concerning system security. ·       Security Evaluations: Review and evaluate the effects on security of system changes, including interfaces with other ISs, and document all changes. ·       Accreditation: Ensure that all ISs within their area of responsibility have received a current ATO. Additional Considerations: ·       Monitoring and Assessment Plan: Creation of a Continuous Monitoring and Assessment Plan is required. ·       Incident Response: Processes for incident response and recovery need to be developed and implemented. ·       Documentation: Comprehensive RMF documentation including System Security Plan, Security Assessment Report, Plan of Action and Milestones needs to be developed. ·       Roles and Responsibilities: Contracted personnel are responsible for preparing and maintaining RMF documentation. ·       Timeline: The timeline for achieving RMF accreditation and ATO will be set after a full assessment of each RMF.
QUALIFICATIONS
Required Certifications·       MA/MS BA/BS in relevant field·       IAM Level II Certification
Education, Background, and Years of Experience·       10+ years of relevant experience (with MA/MS). 12+ years experience (with BA/BS).
ADDITIONAL SKILLS & QUALIFICATIONS
Required Skills·       Experience performing the full cycle of system Assessment and Accreditation (A&A) activities. ·       Excellent working knowledge of the National Institute of Technology (NIST) Risk Management Framework (RMF). ·       Solid technical background with strong understanding of network architectures and communications, operating systems, web platforms, and databases.·       Experience developing and maintaining system security documentation, including but not limited to System Security Plans, Security Assessment Reports, Contingency Plans, and Interconnection Security Agreements. ·       Experience developing and updating Plans of Actions and Milestones (POA&Ms) and overseeing efforts to rectify issues found as a result of security vulnerabilities and security controls analysis.
Preferred Skills·       Excellent interpersonal, organization, writing, communicating, and briefing skills. 
WORKING CONDITIONS
Environmental Conditions·       Contractor site with 0%-10% travel possible. Possible off-hours work to support releases and outages. General office environment. Work is generally sedentary in nature, but may require standing and walking for up to 10% of the time. The working environment is generally favorable. Lighting and temperature are adequate, and there are not hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available.
Strength Demands·       Sedentary – 10 lbs. Maximum lifting, occasional lift/carry of small articles.  Some occasional walking or standing may be required.   Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.
Physical Requirements·       Stand or Sit; Walk  Employees of Agile Defense are our number one priority, and the importance we place on our culture here is fundamental. Our culture is alive and evolving, but it always stays true to its roots. Here, you are valued as a family member, and we believe that we can accomplish great things together. Agile Defense has been highly successful in the past few years due to our employees and the culture we create together. What makes us Agile? We call it the 6Hs, the values that define our culture and guide everything we do. Together, these values infuse vibrancy, integrity, and a tireless work ethic into advancing the most important national security and critical civilian missions. It's how we show up every day. It's who we are.
Happy - Be Infectious.Happiness multiplies and creates a positive and connected environment where motivation and satisfaction have an outsized effect on everything we do.
Helpful - Be Supportive.Being helpful is the foundation of teamwork, resulting in a supportive atmosphere where collaboration flourishes, and collective success is celebrated.
Honest - Be Trustworthy.Honesty serves as our compass, ensuring transparent communication and ethical conduct, essential to who we are and the complex domains we support.
Humble - Be Grounded.Success is not achieved alone, humility ensures a culture of mutual respect, encouraging open communication, and a willingness to learn from one another and take on any task.
Hungry - Be Eager.Our hunger for excellence drives an insatiable appetite for innovation and continuous improvement, propelling us forward in the face of new and unprecedented challenges.
Hustle - Be Driven.Hustle is reflected in our relentless work ethic, where we are each committed to going above and beyond to advance the mission and achieve success.
Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThe contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)