Information Systems Security Manager (ISSM)
GreenXT is seeking Information Systems Security Managers (ISSM) to support their Navy customer in the areas of Cybersecure Hull, Mechanical, and Electrical (HM&E) Control Systems and Networks.
GreenXT is comprised of technical and business leaders. We hire intelligent, hardworking, and dedicated people who not only possess the desire to learn and improve their skills but want to contribute to the design and development of innovative solutions that address the Navy’s greatest technological challenges. We hired each of our employees because we believe they are exceptional, have the ability to excel at their job, and will contribute positively to GreenXT.
GreenXT’s business office strives to be the most efficient and effective business office supporting our customers. Our personnel aspire to become leaders through organized, rigorous, and diligent efforts. GreenXT employees are always looking to help one another succeed. We look out for each other and cross-train so that the product we deliver is one that we’re confident in and proud of. We strongly believe in growth and providing our workforce with career development opportunities to help everyone achieve their goals.
We take pride in our support of the United States Navy. We never forget that the work we do is ultimately in support of America’s warfighter and serving those who serve. The idea that our hard work can help make their jobs easier, assist them to defend our nation, and can help ensure they return home safely to their loved ones motivates us every day, and we hope that you join us on that mission!
- Ensure cyber security guidelines are incorporated into design, test, and life cycle support of Navy Control Systems: this includes mitigating risks, and evaluating security trade-offs and impacts to system(s) performance and availability
- Ensure cybersecurity needs are incorporated into schedules, implemented in accordance with Risk Management Framework (RMF) and Information Assurance (IA)
- Develop and manage the RMF package, including Plans of Action & Milestones (POA&M), Security Plans, Risk Assessments, architecture diagrams and hardware/software inventories
- Manage cross functional teams to ensure system engineers and Information System Security Engineers (ISSE) collaborate to derive, define, allocate and document cyber security functional, performance, design, test, and evaluation requirements in accordance with Federal, DoD, and DoN guidance to include but not limited to: NIST 800-37, DODI 8500.1, DOD 8510.01, NIST SP 800-53, CNSSI 1253, NAVSEA 9400.2-M, FIPS-199, and US Navy Cross-SYSCOM IA standards
- System/site documentation development to include policies, processes, and standard operating procedures
- Perform annual security reviews, annual testing of security controls and annual testing of the contingency plan in line with FISMA requirements
- Participate in the review of, and reaction to, afloat captured data packages, including working with In-Service Engineering Agents (ISEA) to investigate findings
- Supervise the validation of security controls with the PM/ISO, SCA Liaison, PSO and AO CSA
- Assemble the Security Authorization Package for submittal and adjudication
- Track and report on system(s) Assessment and Authorization (A&A) status; identify and resolve issues to maintain Authority to Operate (ATO)
- Plan and perform cybersecurity testing to assess security controls and record security control compliance status during sustainment
- Utilize the Collaboration Board in Enterprise Mission Assurance Support Service (eMASS) workflow for all formal coordination during the RMF process.
- Report changes in the security posture of systems to the Authorizing Official
Education And Experience Requirements
- Active DoD Secret Level Security Clearance (or the ability to obtain this clearance upon position acceptance) is required for this position
- Bachelor of Science Degree in Computer Science, Computer Engineering, Information Technology, Cybersecurity, or a related technical degree
- Must have CISSP (or Associate) or CASP+ CE or CCNP Security or CISA or GCED or GCIH
- 3 or more years of experience with RMF and DoD A&A or Assess Only (AO) packages
- Experience with Industrial Control System Security is preferred
- Experience with Assured Compliance Assessment Solution (ACAS) is preferred
- Experience using eMASS is preferred
- Proficiency in the use of Microsoft Office suite applications
- Basic technical writing ability
- Ability to work on and climb ladders, aboard ships, in shipyards, under industrial conditions and in confined spaces if needed.
- Ability to lift, carry and transport heavy equipment and boxes. The exact weight requirements will be determined by the specific job, but no less than 30 lbs.
- Ability to work on and climb ladders, aboard ships, in shipyards, under industrial conditions and in confined spaces.
- Limited travel may be required within and outside of the continental United States.
- Excellent Pay
- 11 Holidays
- Paid Vacation
- 401(k) with Matching
- Medical and Dental insurance
- Life and Disability Insurance