Information Systems Security Manager (ISSM)
Colorado Springs, CO, United States
Full Time | Mid-level / Intermediate | Clearance required | USD 120K - 150K
Modern Technology Solutions, Inc.
Overview
Own Your Future.
Modern Technology Solutions, Inc. (MTSI) is seeking an experienced Information Systems Security Manager (ISSM) who will be responsible for maintaining compliance with applicable security regulations and leading the Information Assurance program for various classified information systems at MTSI's Colorado Springs, CO office.
Why is MTSI known as a Great Place to Work?
- Interesting Work: Our co-workers support some of the most important and critical programs to our national defense and security.
- Values: Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry.
- 100% Employee Ownership: We have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company-wide town-hall meetings three times a year.
- Great Benefits - Most Full-Time Staff Are Eligible for:
  - Starting PTO accrual of 20 days PTO/year + 10 holidays/year
  - Flexible schedules
  - 6% 401k match with immediate vesting
  - Semi-annual bonus eligibility (July and December)
  - Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account
  - Up to $10,000 in annual tuition reimbursement
  - Other company funded benefits, like life and disability insurance
  - Optional zero deductible Blue Cross/Blue Shield health insurance plan
- Track Record of Success: We have grown every year since our founding in 1993
Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance.
MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide.
For more information about MTSI, please visit www.mtsi-va.com.
Responsibilities
Responsibilities and duties may include, but are not limited to:
- Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
- Generate and maintain required information security documentation including Systems Security Plans (SSP), Information Assurance Standard Operating Procedures (IA SOP), Continuous Monitoring Plans, Security Control Traceability Matrices (SCTM), Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices, and procedures
- Maintain customer-required Information Assurance (IA) certifications (e.g., CISSP, Security+)
- Maintain day-to-day security posture and continuous monitoring of classified ISs
- Schedule, oversee execution, and maintain records of required Information System (IS) auditing, patching, maintenance, software/hardware changes, and scanning based on evolving threat/vulnerabilities and customer compliance requirements
- Develop and conduct test procedures for verification of Assessment and Authorization (A&A) and Risk Management Framework (RMF) safeguards to meet customer requirements based upon NISPOM, DAAPM, JSIG and related NIST publications
- Employ customer-approved procedures for sanitizing and releasing system components and media
- Maintain a repository of security authorizations for ISs under the office’s purview
- Assess changes to an IS by performing periodic self-inspections, tests, and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed; ensure corrective actions are taken for identified findings and vulnerabilities
- Maintain a working knowledge of IS functions, security policies, technical security safeguards, and operational security measures
- Coordinate with Facility Security Officer (FSO) and Contractor Program Security Officers (CPSO) to define, implement, and maintain information security policies, strategies, and procedures
- Implement policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents
- Ensure the development, documentation, and presentation of classified IS security education, awareness, and training activities
- Must be a team player and be able to work within all levels of a project team
- Excellent time management, scheduling, and organizational skills
- Ability to work well independently as well as follow detailed instructions for completing tasks
- Conduct independent research and evaluation, and make recommendations on the acquisition of IA tools and security application software to satisfy the accreditation requirements in support of the organization's mission and workplace efforts, including methods of conducting non-traditional Cybersecurity Test & Evaluation and Independent Assessments
- Routinely engage with the Government technical representative and tech leads for our teammates and subcontractors
- Act as a resource/mentor for colleagues with less experience
Qualifications
Required Qualifications:
- Top Secret security clearance with current SCI eligibility
- Five (5) years of experience working in an IA-related field
- In-depth knowledge of Microsoft Windows OS (client and server)
- CompTIA Security+ or higher-level DoD 8570.01/8140.03 certification
- High School Diploma or GED
- Experience with A&A documentation and system authorization artifacts
- Knowledge of federal security requirements and mandates (e.g., RMF, Federal Information Processing Standards (FIPS), National Institute of Standards and Technology (NIST))
- Experience with security architectures, firewalls, and network access
- Experience with risk managed downloads, IS sanitization and destruction, PEDs, contaminations, incident response, virus scanning, privileged user access, and hardware/software configuration management
- Excellent oral and written communication skills
- Strong organizational skills and ability to manage multiple tasks concurrently
- Excellent time management, scheduling, and organizational skills
- Ability to work well independently as well as follow detailed instructions for completing tasks
- Must be a team player and be able to work within all levels of a project team
Desired Qualifications:
- Experience using security hardening, collection, and assessment tools (e.g., SCAP, Nessus, SIEM)
- Strong Microsoft Windows background with some knowledge of UNIX/LINUX
- Knowledge of various computer software applications, hardware platforms, networking components and LAN/WAN architecture
- Experience working with Defense Counterintelligence and Security Agency (DCSA)
- Familiarity with security procedures while working in a SCIF/SAPF environment
- Experience with external systems and procurement of hardware
- Extensive experience with Enterprise Mission Assurance Support Service (eMASS) and/or Xacta solutions
- Experience working both independently and as a team to accomplish short notice, high priority tasks directed by senior leadership
- Experience applying problem solving techniques to complex government problems related to adapting enterprise solutions to tactical systems and devices
- DISA eMASS training preferred
- Bachelor’s degree in Computer Science, Information Technology, Information Security, or related field
- Certification in one or more of the following: ISC2 Certified Information Systems Security Professional (CISSP), ISC2 Certified in Governance Risk & Compliance (CGRC), ISC2 Systems Security Certified Practitioner (SSCP), ISACA Certified Information Security Manager (CISM), GIAC Industrial Cyber Security Certification (GICSP), GIAC Security Essentials (GSEC), GIAC Cyber Security Leadership (GSLC), CompTIA Cybersecurity Analyst + Certification (CySA+), or CompTIA Advanced Security Practitioner + (CASP+)
- Experience with Linux operating system (RedHat Enterprise Linux)
Travel Statement: Limited travel required
The pay range for this position in Colorado is $120,000/year to $150,000/year; however, base pay offered may vary depending on established government contract wages, job-related knowledge, skills, and experience, and other factors. MTSI also offers a full range of medical, financial, and other benefits, dependent on the position offered. Base pay information is based on market location.