Back to Careers

Information Systems Security Manager

Type: Full-time
Category: Security Engineer
Location: McLean, VA
Clearance: TS/SCI with Poly

Description

As an Information Systems Security Manager (ISSM) on our solutions delivery team, you will have the unique opportunity to work on programs advancing the digital transformation of critical government systems. This program will support one of our intelligence customers in Tysons Corner, VA. 

Mission Focus:  

As one of the industry’s leading innovators, NT Concepts is joining forces with one of the leading cloud providers to meet the ever-demanding needs of the DoD’s and Intelligence Community’s (IC) need for a variety of agile, high performance data centers and cloud service provisioning.  NT Concepts will be providing managed IT services in direct support of the newly designed and constructed cloud provisioning network Operations Centers (OC).  There will be multiple air-gapped OCs, each requiring managed IT support services, on a 24x7 basis, NT Concepts will be part of the cloud provisioning team starting with design, continuing with implementation, activation and throughout sustainment. 

Join us as we enable DoD and IC mission modernization. Enter on the ground floor. Be a part of getting it right and doing it right.  

Clearance: TS/SCI with Polygraph

Location: 100% on-site. Tysons Corner, Virginia.  

Responsibilities:  

  • Develop and maintain a formal Information System (IS) security program and policies for assigned areas of responsibility;
  • Provide technical and procedural IS Security advice to government and fellow team members.
  • Develop and oversee operational IS security implementation policy and guidelines;
  • Coordinate with PSO or cognizant security official on approval of External Information Systems (g. guest systems, interconnected system with another organization);
  • Oversee ISSOs under their purview to ensure they follow established IS policies and procedures;
  • Assume ISSO responsibilities in the absence of the ISSO; maintain required IA certifications;
  • Ensure System Administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks;
  • Ensure all ISSOs receive the necessary technical and security training (e.g., operating system, networking, security management) to carry out their duties;
  • Ensure approved procedures are used for sanitizing and releasing system components and media;
  • Maintain a repository of all security authorizations for IS under their purview;
  • Coordinate IS security inspections, tests, and reviews;
  • Ensure proper measures are taken when an IS incident or vulnerability is discovered;
  • Ensure data ownership and responsibilities are established for each IS, and specific requirements (to include accountability, access and special handling requirements) are enforced;
  • Ensure development and implementation of an effective IS security education, training, and awareness program;
  • Ensure CM policies and procedures for authorizing the use of hardware/software on an IS are followed.  Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the appropriate AO prior to the addition, change or modification;
  • Serve as a voting member of the Configuration Control Board (CCB) and/or the Risk Executive Board, if applicable.  The ISSM shall have authority to veto any proposed change they feel is detrimental to security. Appeals on an ISSM/ISSO veto may be taken to the AO. The ISSM may elect to delegate this responsibility to the ISSO; 
  • Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures;
  • Manage, maintain, and execute the information security continuous monitoring plan;
  • Ensure a record is maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AO/DAO; and Assess changes to the system, its environment, and operational needs that could affect the security authorization.
  • Develop concept of operations for new information systems
  • Physical Security
  • Ensure SAP facilities are built to ICD-705 or O-5205.07, Volume 3 specifications
  • Work with industry partners to ensure physical security measures are met and compliant with applicable DoD policy
  • Conduct annual and biannual physical self-inspections
  • Coordinate with local PSO and SSO for any updates or changes to current facility 

 Qualifications:  

  • LCAT required years of experience: 8
  • Degree required: Bachelor’s degree or equivalent experience (4 years) 
  • Certifications: 
    • Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level II or Information Assurance Manager III and/or CISSP CSSP Manager (CISM or CISSP-ISSMP or CCISO) within 3 months of the date of hire.
  • Skills/Knowledge
    • Experience controlling, labeling, virus scanning, auditing tools, and secure data transfer between information systems.
    • Demonstrated knowledge and use of the following regulations: JAFAN 6/0; JAFAN 6/3; DCID 6/3; Joint DoDIIS/Cryptologic SCI Information Systems Security Standards; DoD 5105.21 M-1; Sensitive Compartmented Information Administrative Security Manual; ICD 503 Regulations (Computer Security), knowledge of "New" Risk Management Framework (RMF) processes (NIST Special Publication (SP) 800-53A, Revision 5, Assessing Security and Privacy Controls in Information Systems and Organizations ).
    • Proficiency of the DoD O-5205.07, Volume 3; ICD-705 and applicable DoD physical security manuals and directives

Physical Requirements:  

  • Prolonged periods sitting at a desk and working on a computer 
  • Must be able to lift up to 10-25 pounds at time 

COVID Protocol(s): 

Personnel must be fully vaccinated against COVID-19 and retain a copy of their vaccine documentation in case it needs to be checked (subject to local laws). The host facility’s US vaccine policy requires that all individuals entering our physical workspaces be fully vaccinated against COVID-19 or have an approved accommodation or state law exemption. 

#CJ


Working at NT Concepts means that you are part of an innovative, agile company dedicated to solving the most critical challenges in National Security. We're expert leaders and problem solvers who roll up our sleeves to get the job done. We're passionate, curious, and committed to doing important work. At the same time, we're life-long learners, avid mentors, and we like to have fun.

We're looking for the best and the brightest to join us in supporting the mission of National Security. If meaningful work, initiative, creativity, and continuous self-improvement are important to your career, join our growing talent network and discover What's Next for you.

NT Concepts is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for all positions. Contact us if you need a reasonable accommodation for any part of the employment process. All resumes are held in confidence. NT Concepts participates in E-Verify.