Job Details
Information Systems Security Manager (US Location)
San Diego, United States | Posted on 01/31/2024
As the Information Systems Security Manager at Templar Shield, you will be responsible for the oversight and management of the information security program. This includes ensuring compliance with the NIST Risk Management Framework (RMF) standards, conducting quality assurance functions, delivering training, engaging in stakeholder outreach, and reviewing Plans of Action and Milestones (POAMs), Information Technology Risk Assessments (ITRAs), and Privacy Impact Assessments (PIAs).
Key Responsibilities:
1. NIST RMF Compliance: Ensure compliance with NIST RMF standards, review and maintain system security plans (SSPs), and guide the organization through the RMF process.
2. Quality Assurance Functions: Establish and maintain quality assurance processes for information security policies, procedures, and controls to identify areas for improvement and ensure their effectiveness. Work with ISSO s and leadership to address any data quality issues to ensure risk is accurately depicted as it relates to control assessments.
3. Training: Develop and aid in information security training programs to educate employees, contractors, and stakeholders on security best practices.
4. Stakeholder Outreach: Collaborate closely with internal and external stakeholders to foster a culture of security awareness and effectively communicate the importance of information security.
5. Review POA&Ms, ITRAs, Risk Exceptions, and PIAs: Assess Plans of Action and Milestones (POAMs), Information Technology Risk Assessments (ITRAs), risk exceptions, and Privacy Impact Assessments (PIAs) to ensure compliance and risk mitigation.
6. Security Documentation: Maintain accurate and up-to-date security documentation, including policies, procedures, system security plans, security assessment reports, etc.
7. Security Audits and Assessments: Coordinate and participate in security audits and assessments, ensuring that findings are addressed promptly and effectively.
8. Security Awareness: Promote a culture of security awareness and best practices among employees through continuous education and communication.
Requirements
Qualifications:
- Bachelor's degree in Information Security, Computer Science, or a related field (Master's preferred).
- Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification preferred.
- In-depth knowledge of NIST Risk Management Framework (RMF) and related security standards (e.g., FISMA, HIPAA, ISO 27001).
- In-depth knowledge of the Assessment and Authorization process and system security plans.
- Strong experience in quality assurance functions and training development.
- Excellent communication and interpersonal skills for stakeholder outreach.
- Ability to review and evaluate Plans of Action and Milestones (POA&Ms), Information Technology Risk Assessments (ITRAs), and Privacy Impact Assessments (PIAs).
- Experience in control assessments and security audits.
- Strong problem-solving skills and attention to detail.
- Familiar with Archer and the Assessment and Authorization and Issue Management Modules
Note: Candidate must be a US citizen and on-site in DC, 2-3 days per week. Application Process:
If interested in this opportunity, please apply on the Templar Shield careers page or via LinkedIn. If any issues with the application process, please reach out directly to: ...@templarshield.com
- Competitive salary and benefits package
- Opportunities for professional development and growth
- Collaborative and innovative work environment
- Health and wellness programs
- Retirement savings plans
- Employee recognition and rewards
If you are a dedicated Information Systems Security Manager with expertise in NIST RMF, quality assurance functions, training, stakeholder outreach, and review of POA&Ms, ITRAs, risk exceptions, and PIAs, we encourage you to apply and join Templar Shield in safeguarding our critical information assets.
#J-18808-Ljbffr