Title:
Information System Security Manager (ISSM)
The selected applicant will provide cybersecurity and Risk Management Framework (RMF) support to systems and applications for the Test Resource Management Center (TRMC). Will work with military, government, and contractor personnel to provide technical and policy direction grounded in Department of Defense (DoD) policy, and act as the Subject Matter Expert (SME) with the cybersecurity domain and lead ISSOs. The application will, at times, be the liaison between end users, application developers, and senior leadership within the DoD and across the Test and Evaluation community.
Applicants Duties include:
Deliver documentation to include: Executive level briefings, Assessments, Self-Assessments, RMF packages, and supporting RMF documentation
Review Cybersecurity tool reports, ACAS, HBSS, for the purposes of reporting and compliance
Software Certification package development
Work directly with the TRMC SISO on all TRMC RMF packages and ATO Status updates
Support security engineering projects and solution delivery.
Lead security audit and compliance activities for each system responsible for
Responsible for auditing all artifacts provided in each RMF package to determine system readiness for ATO packet submissions.
Provide recommendations to the SISO, PM, and AO regarding remediation and mitigation of identified vulnerabilities on test reports and plan of action and milestones (POA&Ms).
Monitor system status updates and report to senior leadership.
Includes monthly executive reports, vulnerability reports, JFHQ DODIN reporting and briefing.
Monthly executive briefing to SISO, PM on security metrics
Interface with PMs and SISO on issues needing input/concurrence
Draft and present RMF deliverables to senior leadership
Attending Executive Program Reviews as the ISSM
Work with outside agencies on Memorandums of Understanding / Interconnection Service Agreements, and other senior level agreements etc.
Work directly with a distributed team to reduce travel
Travel 25% of time
Basic Qualifications:
U.S. Citizenship and Top Secret clearance required ?
A minimum of 2 years of Information Technology Information Assurance, or Cyber Security engineering experience.
a minimum of 2 years of experience in conducting security assessments by reviewing security controls with the ISSO/ISSM and guide programs through RMF process.
Bachelor's Degree in Engineering, Computer Science, or 8 years IT field experience in lieu of degree; Master's Degree preferred
Proven expertise with assessing security controls in accordance with NIST Special Publications (i.e.: NIST 800 Series)
Proven in-depth knowledge of Cybersecurity principles technologies, and processes.
Experience with NIST 800-53, Security Development
Familiarity with performing assessments for Unclassified and Classified environments
Ability to adapt to process changes
Ability to interface with senior leadership
Ability to support high visibility or high priority projects
Possession of excellent oral and written communication skills
A t KBR, we are passionate about our people, sustainability, and our Zero Harm culture.
These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a more inclusive and diverse company. That commitment is central to our team of team's philosophy and fosters an environment of real collaboration across cultures and locations. Our individual differences and perspectives bring enhanced value to our teams and help us develop solutions for the most challenging problems. We understand that by embracing those differences and working together, we are more innovative, more resilient, and safer.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
S:CLZAL-CLZSOUTHEAST
