Information System Security Manager (ISSM) - *Active Clearance Required*

Kratos Defense & Security Solutions, Inc., is a leading defense technology company focused on unmanned systems, satellite communications, cyber security/warfare, microwave electronics, missile defense, training, and combat systems. Our customers include the U.S. federal government, foreign governments, commercial enterprises, and state and local government agencies. At Kratos, we prioritize affordability as a cornerstone of our technology. We leverage proven, cutting-edge methodologies and technology to minimize costs, streamline schedules, and mitigate risks, ensuring timely delivery of cost-effective solutions to market.

Kratos Unmanned Aerial Systems (KUAS), a division of Kratos Defense, is renowned for its expertise in developing, delivering, integrating, and supporting high-performance, cost-effective, jet-powered Unmanned Aerial Systems (Targets and Tactical). As a mid-tier defense contractor, we've demonstrated agility and innovation in providing aircraft to the US military and global allies and partners. Our track record of delivering top-notch jet-powered subscale targets has established us as a go-to defense contractor capable of delivering capabilities at an affordable price.

At KUAS, we prioritize innovation, collaboration, and growth. Our team collaborates to cultivate a supportive and dynamic workplace, fostering creativity and promoting professional development while honoring personal and family lives. Join our team and help shape the future of unmanned technology within the defense industry today!

GENERAL JOB SUMMARY:

Responsible for managing Information Systems (IS) security principles and policies, including the Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), 32 CFR Part 117 National Industrial Security Program Operating Manual (NISPOM), Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM), DoD 5200.01 Information Security Program and Protection of Sensitive Compartmented Information (SCI), and DoD 5205.07 Special Access Program (SAP) Security Manual. Safeguards networks against unauthorized modification, destruction, or disclosure. Researches, evaluates, designs, tests, recommends, communicates, and implements new security software or devices. Implements, enforces, communicates, and may develop internet, network, or other information security policies or security plans for data, internet, software applications, and hardware, telecommunications, and computer installations.

ESSENTIAL JOB FUNCTIONS:

Establish and maintain classified computer systems following DOD, NISPOM, and Joint Special Access Program Implementation Guide (JSIG), including but not limited to:

• Responsible for network address assignment, routing protocols, and routing table configuration as well as configuration of authentication and authorization.
• Utilize SIEM/SEM tools to conduct regular system auditing and conduct trend analysis.
• Develop Security Assessment Reports (SAR) and investigate environmental risk to create Risk Assessment Reports (RAR)
• Develops and maintains a formal information system (IS) security program. Develop and maintain System Security Plans (SSP) and related documentation such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy.
• Develop, implements, and enforces IS security policies.
• Maintains the hardware and software that comprises the network (data, voice, and video); including the deployment, maintenance and monitoring of active network gear; switches, routers, firewalls, and appliances.
• Ensure audit records are collected and analyzed in accordance with policies and procedures.
• Responds to IS security incidents including investigation and report detail.
• Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures to restrict unauthorized use of data systems and databases.
• Ensures all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS.
• Assist with the development and implementation of an effective IS security education, training, and awareness program.
• Conducts initial and annual required training of privileged and general users.
• Conduct proof of concept and present proposals for new hardware and software.
• Manages disaster recovery functions for information systems.
• Serve as member of the configuration change board (CCB).
• Assess changes to the system/operational needs that could affect system(s) accreditation.
• Voting/veto member of the CCB for all systems.
• Assume ISSO responsibilities as necessary and assist in other disciplines of Security as needed to support the program(s).
• Provides technical guidance as a non-voting member of the configuration change board.
• Serve as a member of the COMSEC Team.
• Other duties may be assigned.

SUPERVISORY RESPONSIBILITY:

No

#LI - Onsite

KNOWLEDGE, SKILLS & ABILITIES:

Required:

• Ability to maintain sensitive and confidential information as required by government standards.
• Ability to interact effectively with peers and supervisors.
• Ability to interact appropriately with the public when necessary.
• Ability to adhere to workplace rules.
• Ability to effectively communicate professionally in writing or verbally with all levels of personnel.

EDUCATION AND EXPERIENCE:

Required:

• Must have DoD 8570 IAM Level III certification (i.e., CISM, CISSP or GSLC) or the ability to obtain within 6 months from appointment.
• 7 years of directly related work experience.
• Experience in designing, developing and integrating classified computer systems and isolated networks in compliance with government regulations.
• Must have DoD 8570 IAM Level II certification (i.e., CASP CE, CISM or CISSP) or the ability to obtain within 6 months from appointment.
• Must have working knowledge of TCP/IP, network switching, routing and infrastructure cabling. Must be able to configure switches by using work instructions.
• Must have solid work experience with Linux and Windows Operating Systems, DISA STIGS, and SCAP Compliance, including executing Security STIG/Hardening on Windows Operating Systems.
• Must have the ability to provide internal and external customer support related to desktop troubleshooting.
• Attention to detail with the ability to multi-task and follow through with task from start to completion.
• Required to have and maintain a U.S. security clearance at the appropriate level (requires U.S. Citizenship).

Preferred:

• BS/BA degree in a related technical field and a minimum of 5 years directly related experience.

WORK ENVIRONMENT/PHYSICAL REQUIREMENTS:

• Office and/or manufacturing environment.
• Ability to stand and sit for long periods of time.
• Ability to perform repetitive motion (keyboarding, 10-key, phones).
• May be required to lift up to 50 pounds in accordance with KUAS General Safety Training guidelines.
• May work extended hours or weekends and have on-call schedule/duties.

TRAVEL REQUIREMENTS:

25% travel may be required between customer site and/or other Kratos Unmanned Division locations.