Information Systems Security Manager (ISSM)/Information Assurance Analyst -- 319 CTS

Colorado Springs, Colorado, United States

Aleut Federal


About Aleut Federal: 

At Aleut Federal, we believe the company and its mission are just as important as the job you are applying for. Aleut Federal is an Alaskan Native-owned enterprise whose purpose is to support our “Shareholders,” the Unangax, the indigenous people of the Aleutian Islands of Alaska. People are at the core of everything we do. We support our Shareholders by providing excellent service and quality results to our Clients, the various branches of the federal government. We engage in our local markets, so community service is embedded into our process.

Our culture nurtures the strength of our workforce through mentorship and coaching, providing opportunities for growth, and competitive benefits. We support and encourage diversity, inclusion, and accountability at every level. 

 

The Aleut Federal motto is “We are One” because we truly believe that with one heart, one mind, and one purpose, we can accomplish our mission and be an organization anyone would be proud to be a part of.

General Duties:

This position is responsible for protecting data, networks, and computers from security breaches, viruses, and hacking in support of operations at the Moorman Space Education and Training Center (SETC). The ISSM will work to ensure the enclave's security authorization activities comply with Risk Management Framework (RMF) policies and procedures, including System Security Plans (SSPs), Risk Assessment Reports, and A&A packages. Additionally, the ISSM will lead Command Incident Response, EMSEC, and Data Loss Prevention requirements.

Specific duties:

  • Maintains operational security posture to ensure Information Systems (IS) security policies, standards, and procedures are established and followed.
  • Develops and implements security controls based on cybersecurity principles.
  • Conducts independent, comprehensive management, operational, and technical security control assessments.
  • Manages security-related changes to information systems and assesses the security impact of those changes to security architecture.
  • Creates and reviews documentation, including System Security Plans (SSPs), Risk Assessment Reports, and Assessment & Authorization (A&A) packages.
  • Uses cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
  • Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments to mitigate threats.
  • Identifies, analyzes, and reports events that occur or might occur within the network to protect information, information systems, and networks from threats.
  • Performs cyber defense trend analysis and reporting.
  • Performs system log audits and serves as the Subject Matter Expert (SME) for all logging activities (log, track, and report) in all information systems.
  • Performs vulnerability/risk assessment analysis to support Assessment & Authorization (A&A).
  • Performs ACAS scans and runs the STIG compliance checker and SCAP tool.
  • Manages Data Loss Prevention Waiver requests.
  • Manages/oversees EMSEC requirements.
  • Advises the commander and program manager on risk levels and security posture, and communicates the value of IT security throughout the organization.
  • Additional duties as assigned.
  • Work on-site – minimal telework authorized.

Required Skills:

  • TS with eligibility for SCI.
  • Following DoD 8570.01M, the ISSM must meet the requirements of an IAT Level II as a condition of employment and computing environment training/certification.
  • Experience with RMF, NIST SP 800-53, NIST SP 800-171, Security Technical Implementation Guides (STIGs).
  • Experience with policies and procedures to support ATO/ATC decision-making and operational practices, including XACTA and/or eMASS.
  • Knowledge of SIPR and JWICS Assessment & Authorization (A&A) process.
  • Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Experience in preparing detailed System Security Plans (SSP) for Government approval to achieve Approval to Operate (ATO) objectives.
  • Knowledge of new and emerging IT and cybersecurity technologies.
  • Demonstrate sound knowledge of business processes with extensive experience in a similar role.
  • Solid understanding of NIST RMF.
  • Good recordkeeping, time management, and organizational skills.
  • Good written and interpersonal skills.
  • Ability to multi-task.
  • Good client management skills.
  • Understanding of STIGs, ACAS, and SCAP tool use.
  • Incident Response Reporting.
  • Understand EMSEC requirements.

 Education and Required Experience:

Education:

  • BS in Computer Science or equivalent field of study (or equivalent experience of 8 years) and 4 years of ISSM and/or RMF experience.
  • IAM III certification (CISSP, CISM).

Years of Experience:

  • Minimum of 5 years of ISSM experience.

 Salary Range:

  • $100,000 -- $130,000 (annually)

Closing Date:

  • We will accept applications for this position until 10/11/2024 at 11:59p EST.

Benefits:

Aleut offers the following benefits to eligible employees:

  • Health insurance
  • Dental/Vision insurance
  • Paid Time Off
  • Short- and Long-Term Disability
  • Life insurance
  • 401k and match

EEO Statement:

Aleut Federal, LLC provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, gender identity, or genetics. In addition to federal law requirements, AF complies with applicable state and local laws governing nondiscrimination in employment in every location where the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. AF prohibits workplace harassment based on race, color, sex, religion, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status.

 
