Information Systems Security Manager
- Full-Time
- Fairfax, VA
- George Mason University
- Posted 4 years ago – Accepting applications
Information Systems Security Manager,
Volgenau School of Engineering
George Mason University’s Volgenau School of Engineering (VSE) and the Office of Research Integrity and Assurance (ORIA) invite well-qualified candidates to apply for the position of Information Systems Security Manager (ISSM) as part of the expansion of national security research in VSE’s Rapid Prototyping Research Center (RPRC) located in Springfield, Virginia. The position will primarily be responsible for (1) supporting the development, implementation, and maintenance of DoD Risk Management Framework (RMF) / NIST 800-53 and NIST 800-171 and CMMC accredited systems; (2) supporting continuous security monitoring of those systems; (3) maintaining system accreditation documentation in DoD System tracking databases (e.g. eMASS); and (4) supporting regular security inspections (e.g. CCRIs). Mason has a strong institutional commitment to the achievement of excellence and diversity among its faculty and staff, and strongly encourages candidates to apply who will enrich Mason’s academic and culturally inclusive environment.
Responsibilities:
The ISSM will work onsite at the RPRC in Springfield, Virginia supporting Mason’s growing portfolio of classified programs. The ISSM will report to the Assistant Vice President for Research Integrity and Assurance with a dotted line to VSE’s Associate Dean for Research. The ISSM will primarily focus on the security of systems maintained and operated by VSE’s RPRC. The ISSM will:
- Serve as an ISSM for multiple systems and ensure system processes are being followed by all personnel including privileged users;
- Create and maintain System Security Plans, Security Control Traceability Matrixes, Plan of Actions and Milestones, and all other RMF documentation required for supported systems;
- Review and evaluate RMF packages from outside organizations to provide inputs and recommendations to Authorizing Official;
- Perform Security Content Automation Protocol Compliance Checker scans to ensure configurations are in accordance with latest Defense Information Systems Agency Security Technical Implementation Guides;
- Perform Nessus Security scans to ensure all known vulnerabilities are mitigated or documented within a system Plan of Actions and Milestones;
- Interface with external entities with regards to maintaining the authorization of existing infrastructures;
- Perform system audits on multiple platforms and implement processes and technologies that help highlight anomalies that can be evaluated to ensure confidentiality, integrity, and availability are not compromised;
- Maintain strong security posture of all supported infrastructures;
- Perform other duties as assigned.
Required Qualifications:
- Master’s degree in an engineering, computing, or closely allied field or equivalent combination of education and experience;
- US citizenship;
- At a minimum, a TOP SECRET (TS) clearance with Sensitive Compartmented Information (SCI) eligibility based on a Single Scope Background Investigation (SSBI) completed within the last 5 years. Applicants selected must be willing to submit to an initial and random counter-intelligence polygraph;
- A minimum of 5 years of demonstrated experience working in information or cyber security roles that align with the job requirements of an Information Systems Security Manager (ISSM) as described in the Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM) section 3.6.;
- Strong technical skills working with different networking components, operating systems, and IT devices;
- Experience working with various security tools, such as Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP) Compliance Checker (SCC), vulnerability scanners (Nessus), and auditing tools (Splunk);
- Knowledge and experience with the DCSA Risk Management Framework (RMF);
- Excellent communication skills (speaking, writing, and listening) including the ability to provide feedback constructively and write and review technical documentation, security policies, plans, and procedures;
- Experience cultivating relationships by working collaboratively and respectfully with colleagues;
- Strong organizational skills working in a multi-tasking environment and the capacity to track and manage multiple technical artifacts and tasks in parallel.
Preferred Qualifications:
- DoD 8570 Information Assurance Management (IAM) Level III Certification (CISSP, CISM, GSLC, or CCISO);
- DoD 8570 Information Assurance Technical (IAT) Level III Certification (CASP+ CE, CCNP Security, CISA, CISSP, GCED, GCIH);
- Experience in accrediting information systems through the DCSA RMF and maintaining an Approval to Operate (ATO);
- Experience with the Enterprise Mission Assurance Support Service (eMASS);
- Completed the DAAPM section 3.6 ISSM Required Training in the Center for Development of Security Excellence (CDSE).
Mason Engineering: The Future of Engineering is Here
The Volgenau School of Engineering at George Mason University is a fast-growing force for innovation in research and education. The school boasts more than 8,600 students in 37 undergraduate, master’s, and doctoral degree programs, including several first-in-the-nation offerings. The total anticipated value of VSE’s active research grants and contracts exceed $400M in a variety of emerging technologies, including big data, cybersecurity, artificial intelligence, healthcare, sustainable infrastructure, advanced materials, and mobile communications.
RPRC, the largest research center at Mason, focuses on providing its DoD sponsors a unique perspective on rapid prototyping. Rather than developing new systems to satisfy intractable problems on the battlefield, RPRC integrates new technology into existing infrastructure. This novel approach decreases the time to field solutions to the battlefield by up to 5x and ensures that the prototype is integrated with the latest technology.
George Mason University is the largest public research university in Virginia, classified at the Carnegie R1 highest research activity level, with an enrollment of over 38,000 students studying in over 200 degree programs. Mason is an innovative, entrepreneurial institution with national distinction in a range of academic fields. Mason, located in the City of Fairfax in Northern Virginia at the doorstep of Washington, D.C., has unmatched geographical access to a numerous federal agencies and national laboratories. Northern Virginia is also home to one of the largest concentrations of high-tech firms in the nation, providing excellent opportunities for interaction with industry. Fairfax is consistently rated as being among the best places to live in the country and has an outstanding local public school system.
In conjunction with Amazon’s decision to establish a second headquarters in Northern Virginia, the Commonwealth of Virginia announced a multi-year plan to invest in the growth of degree programs in computing, and George Mason University has committed to accelerate plans to grow capacity in computing and high-tech fields. Among the exciting initiatives being undertaken by the university is the launch of the Institute for Digital InnovAtion, a university think tank and incubator to serve the digital economy, and the expansion of its Arlington Campus with a planned 400,000 square foot Digital InnovAtion Building. These initiatives reflect hundreds of millions of dollars in new investment by Mason that will rapidly elevate Mason’s already leading national position in computing and related areas.
For full consideration, applicants must complete the online application at https://jobs.gmu.edu/ for position FA24HZ, and attach a cover letter, resume, a statement on what diversity and inclusion means to you (to attach as ‘Other Doc’), and a list of three professional references with contact information. For full consideration applicants must apply by January 4, 2021; however the review of applications will continue until the position is filled.
For Full Consideration, Apply by: January 4, 2021