Sierra Nevada Corporation | SNC | Logo Min Sierra Nevada Corporation SNC Logo Small search search icon arrow right arrow right icon press press release icon event event icon award award icon horn announcement icon facebook facebook icon google google plus icon linkedin linkedin icon youtube youtube icon instagram instagram icon flickr flickr icon icon pdf pdf download icon icon phone telephone number icon icon email email address icon

Sierra Nevada Corporation | SNC Sierra Nevada Corporation | SNC

Manager I Systems Secuirty

  •  Posted 8 Days Ago
  •   Full time
  •  Centennial, CO
  •  R0009347

SUMMARY: The Systems Security Manager (SSM) is responsible for defining, implementing and maintaining information security policies, strategies, procedures and settings within the supported environment. The SSM serves as a principal advisor on all matters, technical and otherwise, involving the security of information systems under his/her purview. In addition, the SSM collaborates with customers during the design and development phase to translate security and business requirements into achievable processes and systems. The SSM is responsible for the overall Cybersecurity/Information Assurance (IA) of a program, organization, system, or enclave within SNC’s highly dynamic and fast-paced environment.

PRIMARY RESPONSIBILITIES INCLUDE:

  • Serve as site Information Systems Security Manager (ISSM) and generate/maintain security documentation for system hardware and software, to include SSP’s, POA&M’s, equipment specifications, practices and procedures
  • Manage/schedule mandatory System patching, updating, and scanning based on vulnerabilities and threats or regulatory compliance; maintain the day-to-day security posture and continuous monitoring for all systems
  • Develop/conduct risk assessment testing procedures for verification of Assessment & Authorization (A&A)/RMF safeguards to meet various regulatory requirements based upon NISPOM, RMF for DoD IT, ICD 503, JSIG & NIST guidelines
  • Evaluate threats and vulnerabilities to determine whether additional safeguards are needed for a wide range of security related areas including architectures, firewalls, electronic data traffic, and network access
  • Interpret government security classification guides (SCG) to determine classified system requirements and prepare written instructions to facilitate proper security implementation throughout the system lifecycle
  • Collaborate with customers (internal and external) during the design and development process to employ best practices when implementing security requirements and controls
  • Plan, program and track annual operating budget for all assets, projects, and training requirements
  • Enforce configuration Management (CM) policies and procedures for authorizing the use of hardware/software on an IS; participate in the Configuration Control Board (CCB) to ensure changes are NOT detrimental to system security
  • Coordinate with security managers (both corporate and local), Facility Security Officer (FSO) and Systems Security Engineers (SSE) to define, implement and maintain information security policies, strategies, and procedures
  • Implement policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents; assist the SNC IT cyber group with forensic investigations across the corporation
  • Assess changes to an IS by performing periodic self-inspections, tests and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed (the SSM leads the effort and ensures that corrective action is taken for all identified findings and vulnerabilities)
  • Ensure the development, documentation, and presentation of IS security education, awareness, and training activities for facility management, IS personnel, users, and others as appropriate
  • Participate in proposal efforts containing Cybersecurity/IA-related SOW/tasks to address scope, capability, cost, schedule, and resources
  • Read, interpret, and implement Cybersecurity/IA regulations and requirements; develop and maintain managerial, operational, and technical Cybersecurity/IA skillset
  • Periodic travel to SNC, customer and partner facilities (CONUS and OCONUS) in support of programs

ADDITIONAL RESPONSIBILITIES INCLUDE:

  • Follow SNC policies, procedures and work instructions for all technical activities
  • Punctuality to work each day and prepared to work scheduled work hours
  • Flexible work hours required
  • Off-hours implementations and remote site travel a must
  • Other duties as assigned

EDUCATION/EXPERIENCE/SKILLS REQUIRED:

  • Requires a BS in related field  *Relevant work experience as a Network Analyst/Administrator/Engineer, Systems Analyst/Administrator/Engineer, IT Analyst/Administrator, Software Engineer etc… may substitute for required education.
  • An active Top Secret U.S. Security Clearance required
  • DoD 8570/8140 compliant: CISA, CISM, CISSP and/or other equivalent certification (desired) *Required within 6 months of hire. Cisco, Microsoft, Linux, or other technical certifications a plus
  • Experience in supporting Information Technology (IT) within a classified environment
  • Extensive experience with the following tools: Splunk or ELK (other SIEM), ACAS / Nessus, HBSS, eMASS or Xacta (desired)
  • Knowledge of technical standards relating to systems security; experience administering UNIX, Linux, and Windows operating systems, experience with large-scale server systems, thin client architecture, system virtualization and other related peripherals
  • Experience with A&A requirements as outlined in the NISPOM, RMF for DOD, ICD 503, JSIG & NIST RMF
  • Complete/thorough understanding of US Government Cybersecurity policies
  • Ability to balance Cybersecurity requirements with SNC’s mission, goals, and culture
  • Strong communication skills, strong critical thinking and problem solving skills; self-motivated with ability to effectively prioritize multiple projects; ability to work with people in a team environment and deal effectively with changing project priorities
  • Ability to manage time, make sound decisions, take independent action, analyze problems and provide focused solutions
  • High degree of attention to detail

IMPORTANT NOTICE:

This position requires an active Top Secret with SCI eligibility U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-US citizens may not be eligible to obtain a security clearance.  The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the US, foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.

SHARE