Overview LMI is seeking a Senior Cybersecurity Information Systems Security Manager (ISSM) with a minimum of a Top Secret clearance to provide cybersecurity Risk Management Framework (RMF) Authority to Operate (ATO) support to LMI.
Responsibilities Serve as the primary point of contact for all cybersecurity and information assurance matters related to classified secure environments. Oversee the entire RMF cycle, including initiation, categorization, selection, implementation, assessment, authorization, and continuous monitoring. Maintain and update Security Plans (SSP), POA&M and other related documentation. Conduct risk assessments and vulnerability assessments to identify and mitigate security risks. Ensure compliance with all relevant security policies, standards, and guidelines, including NIST SP 800 series. Work closely with cybersecurity personnel to document controls, support authorization, seeking any Interim Authorization to Test (IATT) and Authority to Operate (ATO) documentation and approvals and provide metrics to comply with audits. Responsible for escalating issues, problems, risks, and constraints to the appropriate levels for clarification and resolution. Perform unsupervised, hands-on work within environments and eMASS. Manage multiple and competing customer priorities with little supervision. Review security controls and configuration requirements including secure network design, database access, security testing, authentication methods, implementation of encryption, privilege management, logging, input validation, secure storage design, and secure data transfer. Participate in Requests for Change (RFC), Change Management Processes. Monitors and educates teammates on IAVM tracking and CISA alerts. Understand all security tools within environment including SIEM, EDR and networking for classified networks.
Conduct risk assessments, system audits, and vulnerability analysis to identify and mitigate security risks.
Qualifications Minimum of a Top Secret security clearance, TS/SCI preferred.
Requirements for the position include:
• 5+ years Managerial experience in developing and implementing system information security standards and procedures in a DoD Cybersecurity Enterprise Environment. • Previous Army cybersecurity and technology experience. • Demonstrated experience with US Army technology, systems, and command & control policies and procedures. • DOD Cyber Workforce (DCWF) 8140 (722) Intermediate Information Systems Security Manager certification: CGRC/CAP or CASP+ or CCSP or SSCP or Security+ or GSEC. • Experience with security requirements in a federal IT environment, including FedRAMP-certified providers and FISMA requirements for acquiring and maintaining an ATO. • Experience with Enterprise Cross Domain Solutions. • Experience with DoD STIGs and SRGs. • Strong understanding of cybersecurity principles, standards, and best practices. • Excellent communication and interpersonal skills, with the ability to interact effectively with technical and non-technical stakeholders.