Information Security Manager jobs in Riverside, CA

Information System Security Manager, III

FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. FEDITC develops mission critical national security systems throughout the world directly supporting the Warfighter, DoD Leadership, & the country. We are proud & honored to provide these services.                        

Overview of position:

FEDITC is seeking an Information System Security Manager III to work in the Norco, California area. A United States Citizenship and an active Secret DoD Security Clearance is required to be considered for this position. This is an upcoming opportunity with a projected start date of May 2024.   

Responsibilities:

• Provide local Cyber Security operations and support services
• Provide Cyber Security support and services to maintain the confidentiality, integrity, availability, and non-repudiation including a wide-range of technical, functional, and managerial services necessary to ensure the secure operation of systems
• Provide support for the following Cyber Security program activities: policy development, technical assessment, security architecture development, security engineering, Assessment and Authorization (A&A) development, annual security control audit and review, annual contingency plan development and test, Risk Management Framework (RMF) controls development, Continuous Monitoring (CONMON), and Command and program level audit, assessment, and reporting
• Provide comprehensive A&A support to include Information System Security Engineer (ISSE) and Navy Qualified Validator (NQV), for the assessment and validation of all A&A packages in eMASS
• Validate RMF controls, develop all required authorization artifacts, execute Assured Compliance Assessment Solution (ACAS) scans, perform all STIG checks, and perform any other actions required for A&A packages in support of Authorization To Operate (ATO) and Annual Security Review (ASR) requirements
• Provide local Computer Network Defense (CND) operations, monitoring, and analysis. Respond to reports of computer viruses and execute incident response taskings. Provide unclassified computer decontamination following a classified spill
• Execute centralized Information Assurance Vulnerability Management (IAVM) tasks, such as vulnerability scanning and reporting within current vulnerability management systems
• Perform vulnerability tests, scans, patches, security assessments, and remediation and provide a report of the findings resulting from network scans and vulnerability testing
• Maintain and implement STIGs in accordance with latest DoD IT policy
• Provide HBSS and ENS operations expertise and monitoring support
• Validate user and privileged access accounts and conduct baseline reviews to identify and validate system changes
• Operate and maintain user monitoring and usage tracking software
• Provide Media Transfer Agent and Data Transfer Agent services to create classified media and transfer data between classification levels
• Provide validation services for authorization, inventory and tracking of software hard copies, licenses, and hardware and inventory management reports
• Ensure configuration management for ISs, software, and hardware are maintained and documented
• Create, maintain, update, and revise all documentation required by the cognizant Authorizing Official (AO) for all ISs and telecommunication Systems
• Create and maintain Plan of Action & Milestones (POA&Ms)
• Provide summary data, status reports, and graphs for internal and external Cyber Security compliance and technical information gathering that result from data calls
• Prepare the responses to various Cyber Security audits and inspection questions or data calls
• Assist with the development of documentation packages and produce system as-built documentation, generate Cyber Security and A&A documentation, and generate configuration control documentation
• Other support duties as needed/directed

Experience/Skills:

• Must have 3 years’ experience in DoD program management or engineering related field
• Must have 2 to 5 years of practical experience in a Cybersecurity, Engineering, T&E or A&A (formerly C&A) related field
• Must have 7 years of relevant experience validating RMF controls for A&A packages
• Must have worked with Information Assurance tools such as DISA Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS)
• May be required to hold an Interim Security Control Assessor qualification

Education:

• Bachelor’s degree in an engineering, scientific, or technical discipline

Clearance:

• Active Secret Security Clearance is required.
• Must be a US Citizen and pass a background check.
• Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FEDITC and/or required by FEDITC’S Client(s)/Customer(s)/Prime contractor(s).

FEDITC, LLC. is committed to fostering an inclusive workplace and provides equal employment opportunities (EEO) to all employees and applicants for employment. We do not employ AI tools in our decision-making processes. Regardless of race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran, FEDITC, LLC. ensures that all employment decisions are made in accordance with applicable federal, state, and local laws. Our commitment to non-discrimination in employment extends to every location in which our company operates.

Qualifications