Job Details
Tyto Government Solutions, Inc. has an opening for an Information System Security Manager as a part of the Defense Information Systems Agency (DISA) GSM-O II program at the Mark Center in Alexandria, VA. At a minimum, an active DoD Secret security clearance is required; Top Secret eligibility is preferred. *Some remote work may be allowed.
Responsibilities:
- Senior member of team that coordinates, reviews, validates, and approves all activities, which contribute to the Assessment and Authorization (A&A) of automated information systems.
- Address physical security matters to information assessments, security tests and evaluations, preparation of Contingency Plans, and administration of Life Cycle Management and Configuration Management documentation.
- Assess the vulnerability of Automated Information Systems (AIS).
- Recommend and implement changes to IT systems in accordance with DoD directives.
- Function as a technical specialist and assess the risk management security and contingency planning programs.
- Implement measures to protect data from physical destruction or theft. Ensure that back-up procedures are in place for recovery from loss, destruction of data and program files, or from physical damage.
- Implement SOPs and periodically tests recovery procedures to ensure recovery procedures are operational.
- Develop policy and guidance, and establish implementation and oversight plans to ensure compliance with Risk Management requirements.
- Coordinate the review and evaluation of cyber security programs and effectiveness of implementation; identify problem areas; updates and establishes new requirements in response to new technologies and threats; and make recommendations to achieve a fully compliant IT architecture.
- Develop Systems Security Contingency Plans and Disaster Recovery Procedures.
- Develop and implement training and awareness programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
- This position does not have direct reports. This candidate will report directly to the Tyto program manager.
Qualifications:
- Minimum DoD Secret required (program can support up to TS/SCI)
- DoD 8570 IAM Level III or IAT Level III certification.
- BS degree and 10+ years of experience.
- Expert knowledge of NIST SP 800-37, CNSSI 1253, FIPS 199 and NIST SP 800-53.
- Expert in Risk Management Framework (RMF) accreditation processes.
- Expert in Risk Management with Plan of Actions and Milestones (POA&M) tracking.
- Expert in creating presentations and presenting policies, guidance, and procedures regularity.
- Experience creating metrics.
- Knowledge of the DoD Risk Assessment Methodology (DRAM).
Schedule/Shifts:
- Mon-Fri, day shift, generally 8a-5p.
About Tyto Athene
Tyto is an IT services and solutions company that provides mission-focused digital transformation to enhance the client experience and enable them to achieve desired outcomes. Tyto's services and solutions embody its domain expertise in four major Technology domains: Network Modernization, Hybrid Cloud, Cyber Security, and Enterprise IT. Tyto offers a broad range of service delivery models including design/install projects, Managed Services, and 'As-a-Service'. With over fifty years of experience, Tyto supports Defense, Intelligence, Space, National Security, Civilian, Health and Public Safety clients across the United States and around the globe.