Location: Dayton,OH, USA
Information Systems Security Manager - Clearance Required Job Locations US-DC-Washington, DC | US-OH-Dayton Job ID 2024-11848of Openings1 Category Cyber Overview LMI is seeking a Senior Cybersecurity Information Systems Security Manager (ISSM) with a minimum of a SECRET clearance to provide cybersecurity Risk Management Framework (RMF) Authority to Operate (ATO) support for a DoD client. LMI is a consultancy dedicated to powering a future-ready, high-performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers' unique mission needs, backed by objective research and data analysis. Founded in 1961 to help the Department of Defense resolve complex logistics management challenges, LMI continues to enable growth and transformation, enhance operational readiness and resiliency, and ensure mission success for federal civilian and defense agencies. LMI has been named a 2022 and 2024 #TopWorkplace in the United States by Top Workplaces! We are honored to be recognized as a company that values a people-centered culture, and we are grateful to our employees for making this possible! This position requires an active Secret clearance, TS/SCI preferred. Responsibilities Oversee the entire RMF cycle, including initiation, categorization, selection, implementation, assessment, authorization, and continuous monitoring. Develop and maintain system security plans (SSPs) and associated documentation for each system under management. Conduct risk assessments and vulnerability assessments to identify and mitigate security risks. Ensure compliance with all relevant security policies, standards, and guidelines, including NIST SP 800 series. Work closely with multiple DoD cybersecurity personnel to document controls, support authorization, seeking any Interim Authorization to Test (IATT) and Authority to Operate (ATO) documentation and approvals and provide metrics to comply with audits. Responsible for escalating issues, problems, risks, and constraints to the appropriate levels for clarification and resolution. Develop and maintain a working knowledge of AWS products and capabilities. Perform unsupervised, hands-on work in GovCloud environments and eMASS. Manage multiple and competing customer priorities with little supervision. Develop High Availability, Continuity of Operations (COOP) and Disaster Recovery (DR) processes in accordance with government and industry guidelines. Work closely with the DevSecOps teams and system support engineers to provide guidance on security weaknesses in the cloud environment. Review security controls and configuration requirements including secure network design, database access, security testing, authentication methods, implementation of encryption, privilege management, logging, input validation, secure storage design, and secure data transfer. Assist with the development and implementation for cloud security architectures for protecting sensitive data deployed into various cloud (AWS, Azure, GCP, etc.) and hybrid systems. Participate in Requests for Change (RFC), Change Management Processes, and IAVM tracking. Qualifications Minimum Qualifications: Minimum of a SECRET security clearance, TS/SCI preferred. 8+ years Managerial experience in developing and implementing system information security standards and procedures in a DoD Cybersecurity Enterprise Environment. Previous DoD cybersecurity and technology experience. Demonstrated experience with DoD technology, systems, and command & control policies and procedures. DOD Cyber Workforce (DCWF) 8140 (722) Intermediate Information Systems Secur