Cyber Information Systems Security Manager 2

This position is a Manager/Information Systems Security Manager (ISSM) position that will manage a team of Cyber Information Systems Security Exempt Professionals. The team performs assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy.

This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments. Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. Manages and is responsible for the implementation of the required government NISPOM/DAAPM policy, make recommendations on process tailoring, participate in and document process activities. Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Document the results of Assessments and Accreditation activities. Technical creation or coordination activity to prepare the Body of Evidence (BoE) which includes the Plan of Actions and Milestones (POA&M) initial documentation and recurring updates. Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed. This position will ensure the management/coordination with classified programs on the design, testing, and implementing of state-of-the-art secure operating systems, networks, database products, firewalls, and network architectures to meet government classified Cybersecurity compliance requirements. Ensure environments remain compliant and all associated systems/networks achieve and maintain formal accreditation authorizations from government agencies.

The successful candidate will establish an inclusive culture within a diverse environment and will be responsible for the following:

  • Effective team management to include fostering individual development, performance management, open communication, financial management, and utilization.
  • Perform as the ISSM and manage a team of Cyber Information Systems Security (CISS) Professionals
  • Establishment of a strict program control processes to ensure mitigation of risks and supports obtaining formal Assessment & Authorization of systems.
  • Assist in the implementation of the required government DAAPM. This may include project management.
  • Ensure the team follows Northrop Grumman and the Cyber ISS organizations policies and procedures. That information is accurate and complete in support of those policies and procedures.
  • Support the formal Security Assessment process required by the company or government customer
  • Communication is critical in this position. This position will require consistent communication and relationship building with Defense Security Services (DSS) Representatives. Extensive communication with internal Northrop Grumman customers will also be required which includes program management teams, the Enterprise Services Program Management Office Team, the Information Technology Organization, and Industrial Security.

ESCSO

ITS3500
Basic Qualifications:
  • Bachelor's degree with 10 years of experience or 14 years of relevant experience in lieu of bachelor's degree or master's degree with 8 years of relevant experience in at least two areas, NISP, DoD SAP, and/or SCI.
  • Active Secret security clearance. (Last investigation within the last 6 years)
  • Current IAM DoD level 3 (CISM, GSLC and CISSP or CISSP Associate).
  • Must have the ability to obtain, and maintain, a Special Access Programs (SAP/SAR) level clearance as a condition of continued employment.

Preferred Qualifications:
  • Bachelor's Degree in Cyber Security or Information Security related discipline.
  • Master's Degree
  • In depth knowledge of the Special Access Program classified system accreditation process (JSIG) and a basic understanding of the Intelligence Community Assessment and Authorization process (ICD-503).
  • Final Top Secret clearance in scope, with accesses
  • Management experience.
  • A diverse classified information systems security / information assurance background.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO . U.S. Citizenship is required for most positions.${descr2}${descr3}


Back to top