Information System Security Manager - Special Programs

Company: MIT Lincoln Laboratory
Location: Lexington
Posted on: May 6, 2021

Job Description:

The Information Systems Security Manager (ISSM) - IT IC Level 4 will provide expert management of all information security support to several independent Laboratory programs assigned. The successful candidate will work independently and as a team member, must be a quick learner, self-motivated, reliable, and able to balance multiple tasks simultaneously. Candidate must have strong interpersonal skills and be able to manage stress in a professional manger. Candidate must be knowledgeable in computer security principles and policies, to include, Security Technical Implementation Guides (STIGs), National Industrial Security Program Operating Manual (NISPOM), NIST 800-53 / Risk Management Framework (RMF), Joint SAP Implementation Guide (JSIG), Intelligence Community Directive (ICD) 503, Joint Air Force, Army, Navy (JAFAN) 6/3.The ISSM will be the primary focal point and have an in-depth knowledge of computer security principles, practices, and procedures in order to execute a comprehensive Information Security program to meet both internal and external requirements.--The ISSM will apply security controls based on NIST 800-53 and Risk Management Framework guidelines that protect classified computer systems in a heterogeneous computer environment which could consist of any variation of Linux, Unix, Sun, Mac, or Windows systems. The ISSM will lead and manage daily responsibilities of assigned Information Systems Security Officers (ISSO).--The ISSM will develop and maintain multiple System Security Plans (SSP) based on the Joint SAP implementation Guide; ensuring systems are operated, maintained, and disposed of according to the approved SSP. The ISSM will conduct security compliance audits and perform security vulnerability assessments on Laboratory information systems. The ISSM will establish and maintain configuration management policies and procedures. The ISSM will ensure users and ISSOs are subject to an effective information security education, training, and awareness program. The ISSM will facilitate assessment and authorization of new and existing systems. The ISSM will be able to implement and test IT security policies/procedures as part of a fully integrated IT security program.--The ISSM will coordinate and participate in the investigation and mitigation of information system adverse incidents. The ISSM will assume ISSO responsibilities in the absence of the ISSO and must be able to respond to off-hour emergencies as needed. Must have demonstrated ability to follow-up and solve problems. Position requires some local and overnight travel.
Requirements:

• MS degree in Computer Science, Information Technology, Computer Information Systems, or related field required with a minimum of seven (7) years' experience within Special Access and Sensitive Compartmented Information Programs.
• Demonstrated capabilities in leading cross-functional teams and presenting ideas written and orally within a collaborative team environment is required.
• Technical experience and skills, course work completed towards a degree, and industry IT certifications may be considered substitutes for education requirements.
• Ability to achieve DoD 8570 IAM Level III Baseline Certification within 6 months of appointment; preferably candidate possesses ISC2 CISSP.
• Technical experience and skill securing operating systems such as Linux, Windows Server/client OS, virtualization technologies, and applying encryption standards.
• Experience using vulnerability scanning tools such as NESSUS, SCAP, RETINA, SECSCN, WASSP
• Experience using audit reduction tools and endpoint security products.
• In-depth working experience directly related to assessment and authorization using any of the following:
• NIST SP 800-37 / Risk Management Framework (RMF)
• Joint SAP Implementation Guide (JSIG)
• Intelligence Community Directive (ICD) 503
• National Industrial Security Program Operating Manual (NISPOM) Chapter 8
• Joint Air Force, Army, Navy (JAFAN) 6/3
• Exceptional written and verbal communication skills.
• Prior experience in working in a collaborative team environment desired.
• The selected candidate will be subject to a pre-employment background investigation and must possess a current in scope Top Secret level security clearance with compartmented program eligibility.

Keywords: MIT Lincoln Laboratory, Boston , Information System Security Manager - Special Programs, Executive , Lexington, Massachusetts