Information Systems Security Manager
: Job Details :

Come be a part of something big! Smart Minds, Cool Jobs and Awesome Rewards! Fueled by innovation, talent and ambition, the Air Force Civilian Service (AFCS) is seeking civilian professionals prepared to deploy war-winning capabilities on behalf of the United States Air Force.OPEN: January 31,2024CLOSE: February 14, 2024The Air Force Nuclear Weapons Center (AFNWC) is currently seeking a full-time Special Access Program (SAP) Information Systems Security Manager (ISSM) 009739311M to work in the AFNWC SAP Oversight Office at Kirtland Air Force Base near Albuquerque, NM.This position is a NH-2210-03, which has a typical 2024 salary range of $87,878- $135,851.The primary purpose of this position is to provide support to AFNWC/NTD in SAP Information Assurance (IA) activities. This will be accomplished through a wide variety of tasks related to the effectiveness and efficiency of SAP Information Technology/Information Assurance operations at Kirtland AFB and AFNWCs Geographically Separated Units (GSU).SKILLS DESIRED:Candidates should have a strong background in SAP information assurance, Assessment and Authorization (A&A), and Air Force/Department of Defense cybersecurity policies. Building rapport and trust with team members and security stakeholders is critical. This is a technical role and a successful candidate must be knowledgeable of JSIG/RMF, information technology security principles, COMSEC, PC Desktops, LAN management, and Microsoft suite of applications. The ISSM will review, and/or conduct hardening on cloud and on-premise computing environments to identify points of vulnerability and/or non-compliance with established Information Assurance (IA) standards and regulations. Additionally, the ISSM will ensure organizational IA compliance for system account holders. The ideal person for this role is flexible, experienced, technically capable, self-motivated, and can effectively influence others to deliver the right solution. Creativity and IT security experience are required. A&A experience is required to be successful in this position. A mix of professional relationship skills and technical skills are required in this role.Strongly desired qualifications/skills:• CISSP or CASP+ certification• Windows administration, patching, and network management experience• Experience with A&A processes in government and customer environments• Doctrine and policy creation• Experience working on and supporting classified networks• Security architecture, engineering, and A&A experience• Experience with creating and validating Security Assessment Reports, System Security Plans, Security Control Traceability Matrix, Security Test Plans, and Plan of Action & Milestones• EMASS experience• Experience with ACAS and other scanning tools• Firewall experience• Enterprise audit logging experience• Cloud architecture and engineering experience• VMWare or other virtualization experienceDUTIES:• Information Systems Security Manager (Proficiency Level: Advanced)• Oversees the cybersecurity program of an information system or network; including managing information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security awareness, and other resources. Responsible for the cybersecurity of a program, organization, system, or enclave.• COMSEC Manager (Proficiency Level: Advanced)• Manages the organizations Communications Security (COMSEC) resources.• Plans, organizes, and/or directs cyber, IT, or information/knowledge management (IM) activities which comply with legal, regulatory, and AF/DoD-directed requirements and meet mission and customer needs.• Serves as senior technical advisor on cyber, IT, or IA activities. Stays abreast of changes in policy• direction, keeping leadership informed of impacts on organizational requirements.• Maintains directorate level Cyber Standard Operating Procedures (SOP) ensuring annual updates reflect current policy and risk posture.• Validates and verifies system security requirements definitions and analysis and establishes system security designs for controls.• Designs, develops, implements and/or integrates IM and security systems and system components including those for networking, computing, virtualization, cloud, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.• Oversee and manage the COMSEC program.• Builds IA into systems and services deploying into operational environments at multiple classification levels.• Assists architects and developers in the identification and implementation of appropriate information security controls and potential security functionality to ensure uniform application of security policy and enterprise solutions.• Enforces the design and implementation of trusted interfaces among external systems and architectures.• Assesses and mitigates system security threats/risks throughout the program life cycle.• Scanning systems and assisting the team in remediating vulnerabilities.• Ability to communicate effectively with senior management in government and contractor teams.• Experience ensuring systems comply with government security requirements and demonstrate compliance through verification testing with government security stakeholders.• Contributes to the security planning, assessment, risk analysis, risk management, certification, and awareness activities for AFNWC system and networking operations.• Reviews and ultimately signs off on A&A documentation, providing feedback and recommendations to the ISSOs/ISSEs on completeness and compliance of its content.• Assists the Center ISSM on core compliance inspections (training, IA compliance, SOP, etc.).REQUIREMENTS FOR THE POSITION:• U.S. Citizenship• Employee is required to meet the appropriate qualifications for the specific position being filled, per Department of Defense (DoD) Manual 8140.03 dated 15 Feb 2023, Cyberspace Workforce Qualification and Management Program.• This is a DoD Cyber Workforce position and is assigned the following Cyber Work Role Codes:o 722 (Information Systems Security Manager) (Proficiency Level: Advanced)o 723 (COMSEC Manager) (Proficiency Level: Advanced)• Review the required Knowledge, Skills, Abilities, and Tasks (KSATs) for the Cyber Work Role, at Required to handle and safeguard sensitive and/or classified information in accordance with regulations to reduce potential compromise.• Incumbent must be eligible and maintain a TS/SCI security clearance (Special Compartmented Information) as well as be granted access to special access programs.• May be required to work overtime on an emergency basis• May be required to travel• This is a drug testing designated position and is subject to random drug testing• Knowledge of NIST 800-53 security requirements• Experience in system hardening on Windows and Linux systems• Networking experience• Experience working in a team environment on similar tasks• IT security training in various disciplines• In accordance with the Ethics in Government Act, 1978, employee may be required to file an OGE Form 450, Confidential Financial Disclosure Report, upon appointment and will be required to file annuallyHOW TO APPLY:When applying at the link below, please use Microsoft Edge or Google Chrome. Click the apply button to complete an application and upload resume (PDF or Word Doc) and/or additional documents (Transcripts, certifications, Vet Docs (DD214), SF-50).To receive additional information about current and future job openings with AFCS via email notification, please subscribe at www.Afciviliancareers.com and sign up to “Get Career Updates.”AFCS is Equal Opportunity Employer.U.S. citizenship required. Must be of legal working age.