Background Information:
Innovative Defense Technologies (IDT), provider of automated software testing, data analysis, and cybersecurity solutions for complex, mission-critical systems in the US Department of Defense (DOD), is seeking an Information System Security Manager (ISSM) to support its San Diego, CA office.

Overview:
The ISSM will ensure Risk Management Framework (RMF) compliance through the implementation, management, and Continuous Monitoring (ConMon) of the Information System located at the IDT San Diego office within the classified lab.

All applicants must currently possess an active U.S. Security Clearance.

Security Responsibilities Include:

• Responsible for implementing and managing the IDT San Diego Classified Information Systems (IS) security program and policies and procedures
• Intimate knowledge of Risk Management Framework (RMF) as it relates the published DCSA Assessment and Authorization Process Manual (DAAPM), 32 CFR Part 117, “National Industrial Security Program Operating Manual (NISPOM)”, and NIST 800 series compliance
• Generate and maintain system approvals to operate for new and current classified information systems authorized under RMF
• Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
• Oversee and conduct Control Correlation Identifier (CCI) self-assessments and periodic testing to evaluate the security posture of the IS
• Responsible for leading the information security portion of government assessments, Government on-sites and the periodic self-inspections
• Manage and direct the approved procedures for sanitization and destruction of classified computing assets
• Implement and manage an effective IS security education, training, and awareness program
• Assist the FSO and the Insider Threat Program Senior Official (ITPSO) in ensuring that insider threat awareness is addressed in the classified computing environments.
• Manage and engage with the maintenance and execution of the Information Security Continuous Monitoring (ISCM) plan
• Ensure weekly audit compliance (user activity monitoring, data transfer audit logs) and audit data is analyzed, stored, and protected in accordance with the required auditing frequency
• Ensure compliance of current Information Assurance (IA) policies, concepts, and measures when designing, procuring, adopting, and developing new IS
• Manage and approve data transfer and assured file transfer responsibilities in accordance with IDT Policy and Procedures; both within IDT lab environments and in nearby US Government facilities
• Develop, document, manage and approve monthly vulnerability scan results, quarterly Security Technical Implementation Guide (STIG) compliance and applicable Plan of Action and Milestones (POA&M) for each Classified IS enclave
• Possess personnel leadership and technical competence commensurate with the complexity of the IS
• Manage requests that involve co-utilizations and joint-use agreements of data residing on the IS and/or within the closed area labs
• Lead a team of Information System Security Officers (ISSOs) and Security Administrators (SAs) through the RMF process, providing tasking to ensure program requirements, deliverables and schedules are met
• Perform comprehensive investigations of security incidents and ensure proper measures are taken post discovery of the incident/event
• Responsible for the preparation and demonstration of compliant classified IS’s in advance of a DCSA assessments

• Bachelor’s degree in Computer Science, Information Technology, or equivalent
• 8+ years’ experience, preferably in a security position
• IAM III equivalent certification required
• Previous DCSA experience as an ISSM or ISSO

• Familiar with National Industrial Security Program Operating Manual (NISPOM),
• The 32 Code of Federal Regulations Part 117 and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirements
• COMSEC (Communications Security) experience and training a plus.
• Working knowledge of the Risk Management Framework (RMF) and associative standards and guidelines
• Working knowledge of Controlled Unclassified Information (CUI) and guidelines to include but not limited to 800-171 and Cybersecurity Maturity Model
• Windows OS (client/Server), Domain Controller, Active Directory, networking, security policies, technical security safeguards, manual STIGs, vulnerability, end point secutiryand operational security measures
• VMware VSphere, VMware View
• Linux (Red Hat, CentOS, RedHawk),
• Patch management (WSUS, RHEL Satellite)
• Vulnerability Analysis (Tenable Nessus, ACAS)
• Ability to travel approximately 10%

• Excellent verbal and written communication skills
• Attention to detail with high level of accuracy and confidentiality
• Initiative, reliability, teamwork and customer service orientation
• Strong organization and planning skills

EEO Statement:
IDT is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, protected Veteran status, or any other basis protected by federal, state, or local law.