Information Systems Security Manager

• Location: Tysons, Virginia
• Type: Contract
• Job #3377

Location: Tysons, VA
*Clearance: *Active TS/SCI w/ Polygraph needed to apply *

Company Overview:
Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on improving the overall work/life experience they have supporting the mission. Our Team is pushed every day to use their industry leading knowledge to provide end-to-end solutions to combat our nation's toughest and most secure problems. If you are looking for a place to not only be professionally challenged, but encouraged and supported by a company that cares, don't look any further than Cornerstone Defense.
Position Description: Information System Security Manager (ISSM)
• Support customer RMF workflow and processes by proposing, coordinating, implementing and enforcing information system security policies, instructions, standards, and methodologies
• Review and approve customer requests related to accesses, devices, and other authorizations
• Maintain current system information in XACTA to support organizational requirements and processes Evaluate the impact of network and system changes using RMF processes and approve the changes
• Manage multiple projects throughout Authorization and Accreditation (A&A) process from concept to Authority to Operate (ATO)
• Coordinate with system stakeholders on mitigating system vulnerabilities outlined in POA&Ms
• Submit recommendations to stakeholders for system configuration deviations from the required baseline
• Conduct periodic reviews to ensure compliance with SSP
• Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented
• Ensure system recovery processes are monitored to ensure security features and procedures are properly restored
• Ensure all IS security-related documentation is current and accessible to properly authorized individuals
• Formally notify the appropriate individuals when changes occur that might affect authorization
• Participate in governance and project reviews identified by the customer
• Require strong documentation skills to create and update policies, process documentation and procedures
• Experience with XACTA 360, Continuum and other SCAP Compliant tools
• Demonstrated experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGs
Bachelor's Degree (in an IT-related field)
Desired Certifications
• Certified Ethical Hacker 10 (CEH)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems auditor (CISA)
• NIST Cybersecurity Framework (NCSF)
• AWS Solutions Architect Associate or Professional