Information Systems Security Manager

Job Description

Description

SAIC has an opportunity for an Information Systems Security Manager (ISSM) supporting Headquarters Air Combat Command’s (HQ ACC) A5/8Z Advanced Programs Division. The successful applicant will support the integration of advanced program concepts and technology across the Special Access Program (SAP) portfolio to shape Combat Air Forces (CAF) programming strategy to ensure warfighter future requirements are met.

Key duties/responsibilities include, but are not limited to:

• Maintain a formal Information Systems (IS) security program and policies applicable to all Air Combat Command units under A5/8Z administration
• Develop and oversee operational information systems security implementation policy and guidelines
• Coordinate with Program Security Officer (PSO) or cognizant security official on approval of External Information Systems (e.g. guest systems, interconnected system with another organization) 
• Oversee ISSOs under ACC purview to ensure they follow established IS policies and procedures
• The ISSM shall assume ISSO responsibilities in the absence of the ISSO
• Maintain required Information Assurance (IA) certifications
• Monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks
• Maintain a repository of all security authorizations for IS under their purview
• Conduct periodic testing to evaluate the security posture of IS by employing various intrusion/attack detections and monitoring tools (shared responsibility with ISSOs)
• Coordinate IS security inspections, tests, and reviews
• Position requires up to 15% travel to CONUS areas
• Guide implementation of an effective IS security education, training, and awareness program 
• Participate in self-inspections; identify security discrepancies and report security incidents
• Confirm proper measures are taken when an IS incident or vulnerability is discovered
• Manage, maintain, and execute the information security continuous monitoring plan

*Must maintain certification requirements mandated by DOD Directive 8570, CISSP or CISM

JOB TECHNICAL DESCRIPTION: Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions. Conducts risk and vulnerability assessment at the network, system and application level. Conducts threat modeling exercises. Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy. Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions. Assists in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and makes recommendations on process tailoring. Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. May support cyber metrics development, maintenance and reporting. May provide briefings to senior staff. Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. May support cyber metrics development, maintenance and reporting. May provide briefings to senior staff. Applies extensive technical expertise and has full knowledge of other related disciplines. Receives assignments in the form of objectives and establishes goals to meet objectives. Provides guidance to subordinates to achieve goals in accordance with established policies. Work is reviewed and measured based on meeting objectives and schedules. Establishes and recommends changes to policies which affect subordinate organization(s).

Clearance required to start: Top Secret (SCI eligibility preferred)

Clearance able to obtain/maintain: TS/SCI with CI Polygraph

Qualifications

TYPICAL EDUCATION AND EXPERIENCE: Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.
COVID Policy: Prospective and/or new employees are required to adhere with SAIC's vaccination policy. All SAIC employees must be fully vaccinated and they must submit proof of vaccination on their first day of employment. Prospective or new employees may seek an exemption to the vaccination requirement at Contact Us and must have an approved exemption prior to the start of their employment. Where work is performed strictly at a customer site, customer site vaccination requirements preempt SAIC's vaccination policy.

Overview

SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.

We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.