Cybersecurity Compliance and Standards Manager
Our team is looking for a seasoned Cybersecurity Compliance and Standards Manager who can also assist with Cybersecurity training and educational materials.
Serves as a Cybersecurity Compliance and Standards Manager for the department in the execution of a comprehensive classified cybersecurity program as stipulated in various government customer requirements documents to include (but not limited to): NISPOM/DAAPM, JSIG, ICD and associated NIST/Company policies. Serves as a Subject Matter Expert (SME) for both Collateral and Special Access Programs. Responsible for creating and maintaining corporate policies, plans, and procedures, among other artifacts for the enterprise. Exercises judgment in providing guidance to the Cybersecurity staff, information system owners, program managers, and others regarding matters of cybersecurity and compliance.
Interface with internal and external customers and stakeholders to meet cybersecurity objectives and ensure security is considered at all phases of the system development life cycle.
Also serves in a dual role as Training Manager. Responsible for creating educational material and conducting training for the Cybersecurity and privileged user staff. Will create and maintain training for Cybersecurity Fundamentals as well as securing / auditing Linux and Windows operating systems, Splunk, and Nessus.
Candidate must be a self-starter capable of multitasking and efficiently managing their time in a dynamic, deadline-driven environment without appreciable direction. Additionally, candidate must possess excellent writing, speaking, analytical, project management, organizational, and customer service skills that will assist them in contributing to and deciphering organizational objectives and translating them into solutions for complex technical compliance and security strategies and challenges. This position reports directly to the Cybersecurity Associate Director.
- Knowledge of information security principles, technical knowledge of common operating systems such as Windows clients and servers, Linux, and Cisco IOS.
- Has or is able to obtain industry certifications commensurate with role (e.g. CISSP) within 6 months of hire. Must have knowledge of the Risk Management Framework and NIST SP 800 series.
- 8 years’ experience in the areas of classified cybersecurity, compliance, systems engineering or information technology and BS degree in a related field. May substitute additional experience for education.
- Experience in the management and execution of an incident response plan to include administrative inquiries/investigations in collaboration with the Investigations department.
- Experience in the deployment of Splunk and Nessus.
- Experience with DoD Contractor SIPRNet deployments.
- Experience in the oversight and execution of a continuous monitoring/improvement program (to include but not limited to self-inspections, security control assessments, training, log management systems, automated inventory utilities, etc.).
- Possess a current DoD 8570 - IAM III professional certification (e.g. CISSP, CISM, GSLC, etc.).
- Must have current Secret Clearance.
- TS/SCI w/ CI Poly preferred.