Information Security Manager jobs in Petaluma, CA

Location: Petaluma, CA

On Site

9/80 work schedule

The US base salary range for this full-time position is $110,000-$185,000 benefits generous relocation assistnace availble. Salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.

Summary

The Information Systems Security Manager (ISSM) provides information systems security support for DoD and Non-DoD classified systems and networks. Standing up and maintaining accreditations for classified systems and networks. Classified Systems & Networks range in complexity and size to include multi- platform computing (Linux, Windows, VMWare), virtual environments, and mobile systems. Extensive experience with eMASS, NISPOM Chapter 8, NIST, DCSA DAAPM, SCAP, ITAR and DISA STIGs. Assemble and maintain Risk Management Framework (RMF) security plan accreditation packages for various government agencies. May be required to manage work distribution to Information Systems Security Officers (ISSO).

Position Responsibilities

• Provide technical and procedural IS Security advice to government and Internal teams
• Develop and maintain a formal Information Systems (IS) security program and policies for their assigned area of responsibility
• Coordinate with Facility Security Officer (FSO) on approval of External Information Systems (e.g. guest systems, interconnected system with another organization)
• Assume ISSO responsibilities in the absence of the ISSO; maintain required IA certifications
• Understand, implement, and enforce security policies and processes to maintain the with respect to:
• Removable Media Creation, Trusted Download, Safeguarding Classified Information, Classified
• Markings, Wireless Devices, and relevant System Security Plans (SSPs)
• Ensure policies and procedures for authorizing the use of hardware/software on an IS are followed.
• Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the appropriate authorization prior to the addition, change or modification
• Serve as the lead for security configurations and interact with Government Approving Authorities for all inspections of these systems
• Utilize a variety of accredited security software tools to conduct vulnerability assessments, continuous monitoring scans, and those employed to maintain OS configurations
• Ensure all ISSO & Users of classified systems receive the necessary technical and security training (e.g., operating system, networking, security management) to carry out their duties
• Coordinate IS security inspections, tests, and reviews
• Ensure development and implementation of an effective IS security education, training, and awareness program
• Working experience with High Assurance Internet Protocol Encryptors/TACLANE
• Analyze security audits for non-standard events and media write control logs
• Assist in investigations involving anomalies to include support to Insider Threat Working Group
• Validate systems & networks are patched in accordance with SSP and Continuous Monitoring activities
• Alarm testing, maintaining door and safe combinations, facility keys, document control, processing visit requests, coordinating logistics for classified meetings and conferences
• Available to respond to alarms and emergencies after hours
• Provide initial security briefings, debriefings, foreign travel, and related security training
• Assist with COMSEC inventory and documentation updates to ensure 100% accountability with NSA
• Review prime and subcontractor DD254’s
• Assist with self-inspections, random searches and security violation reports
• Submit visit requests for all outbound visits for employees and subcontractors

Basic Qualifications (Required Skills & Experience)

• Bachelor’s degree in an IT-related or similar relevant field is required or equivalent combination of education, training, and experience
• 5 to 8 years of experience in a similar systems security role or experience in related IT or systems security disciplines is highly preferred.
• CISSP or similar DoD 8570 IAM III Baseline Certification
• Demonstrated experience with Risk Management Framework
• Understanding the technical configurations of Windows and other operating systems is desirable.
• Understand Windows and Linux event logs is desirable.
• Knowledge of compliance checking tools preferred.
• Excellent customer service and organization skills, including good interpersonal skills and the ability to
• communicate effectively with all levels of employees.
• Top Secret Clearance is required for this position.
• Successful completion of a criminal background check is required.