Information System Security Manager (ISSM)

The Analytical Solutions Division (ASD) of Applied Research Associates (ARA), Inc (www.ara.com)  has an exciting opportunity for a full-time Information System Security Manager (ISSM) on-site at our Huntsville, AL location.

ISSM is responsible for overseeing security operations in compliance with the 32 CFR Part 117 National Industrial Security Program Operating Manual (NISPOM).  Interface with the Defense Counterintelligence and Security Agency (DCSA), managing security policies, conducting assessments, and ensuring the integrity of security systems.  Responsible for the planning, organization, maintenance, and compliance of multiple classified systems in accordance with NISPOM, risk management framework (RMF) requirements, and DCSA Assessment & Authorization Process Manual (DAAPM).

 Develop policy, guidance, and establish implementation and oversight plans to ensure compliance with Risk Management requirements.

ISSM will also serve as the Facility Security Officer to handle personnel clearance processing and maintain facility clearance activities and provide administrative security support associated with the receipt, distribution, inventory, reproduction and disposition of classified material.  For this position, ARA will only consider applicants with an active SECRET Security Clearance or higher.

Position is not eligible for remote work schedule. 


* Collaborate with Project Managers (PMs) or Information System Owners (ISO) in maintaining current authorization to operate, and approval to connect for all systems and networks, and in implementing corrective actions identified in the plan of action and milestones


* Conduct recurring Cybersecurity reviews on information systems in accordance with DoD RMF practices, DCSA Assessment and Authorization Process Manual (DAAPM), NIST 800-53 Special Publications, customer directives, and company policies as applicable.


* Audit information systems to ensure compliance with security policies and procedures


* Manage user access and conduct user briefings as required


* Schedule mandatory Information System patching, updating, and scanning based on vulnerabilities and threats or regulatory compliance; maintain the day-to-day security posture and continuous monitoring for all systems


* Investigate classified spills/incident response or other security-related incidents to DCSA and recommend corrective actions


* Apply physical security concepts to maintain current Facility Clearance Level (FCL) and approved safeguarding


* Manage the Access Control/Alarm System in accordance with DoD standards

Must Haves as an ISSM:


* Must possess a U.S.

Department of Defense (DoD) Secret security clearance with the ability to obtain Top Secret clearance


* Must be a U.S.

Citizen


* 2-4 years’ experience as NISPOM ISSO/ISSM


* Experience with security assessment/hardening tools, i.e., STIGs, SCAP, GPO, NESSUS, etc.


* Possess strong understanding of computer ...