• Information Security Operations Manager

    Location US-TX-Fort Worth
    Posted Date 1 month ago(5/21/2018 10:44 AM)
    Job ID
    2018-5981
    # Positions
    1
    Business Unit
    Information Technology
    SECURITY CLEARANCE
    Secret
  • Overview

    The Information Security Operations Manager represents a mid-level level position for a career in Information Assurance and Security at the ESA, LLC Fort Worth Operations Site.  The  position is under the direct supervision of the Chief Information Security Officer.

     

    The Information Security Operations Manager is a member of the information security team and works closely with other members of the team to assist in the development and implementation of a comprehensive information security program. This role is primarily focused on security tasks associated with vulnerability management, monitoring and analysis, and incident response of a stand-alone information system in support of Public Safety and Homeland Security programs and new business pursuits.

    Responsibilities

    • Develop, implement, and oversee information system security policies, processes, and procedures.
    • Ensure compliance with current information security policies, concepts, and measures during the information system lifecycle.
    • Develop, implement and oversee an effective information system security education, training, and awareness program.
    • Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
    • Produce, update, and maintain security documentation (e.g. SSP, POA&M, supporting artifacts, etc.).
    • Implement security controls that protect the information system.
    • Verify enhancements to existing systems provide equal or improved security features and safeguards.
    • Ensure configuration management policies and procedures are followed.
    • Assess changes to the information system that could affect the authorization/approval to operate.
    • Ensure audit records are collected and analyzed in accordance with the SSP.
    • Manage, maintain, and execute a continuous monitoring strategy leveraging available resources that provide warnings of system vulnerabilities
    • Ensure corrective action is taken for identified findings and vulnerabilities.
    • Ensure proper measures are taken when an incident is discovered.
    • Establish and maintain positive relationships with internal and external customers.
    • Prepare and present metrics, status updates, and action plans for internal management and external customers.

    Outside Business Relationships:

     

    • Department of Homland Security (DHS)
    • Defense Security Service (DSS)
    • Local Law Enforcement

     

     

    Qualifications

    Minimum Qualifications:

     

    Education (Highest Level Required/Preferred): Bachelor degree required of 5-10 years functional experience may substitute.

     

    Training Pre-requisites (Within One Year of Taking Position):

     

          þ ESD

          þ Safety Training, as dictated by Safety Department

          þ Other: DoD 8570.01-M IAT Level II certification (see list below)

     

    Certifications/Licenses: (DoD 8570.01 IAT Level II certification) 

    Required:        None

    Preferred:       DoD 8570.01-M IAT Level II certification (i.e., CompTIA Security+, GSEC, SCNP or SSCP)

     

    Experience Required:

    Functional (Using Skill Set): 5-10 years

    Management: 3-5 years

    Industry: 5-10 years

     

    Knowledge, Skills, Abilities Required (Unique and Measurable):

    •  Bachelor’s degree in Computer Science or 3-5 years equivalent IT work experience.
    • Detailed understating of network defense practices.
    • Detailed knowledge of National Institute of Standards and Technology (e.g. NIST SP 800-53 Rev. 4, NISP SP 800-171) compliance standards, controls and remediation technologies, solutions and processes.
    • Knowledge of system security design and defense-in-depth concepts.
    • Ability to effectively communicate technical security information to non-technical personnel.
    • 5+ years of Information Security experience.
    • Knowledge of information security practices, principles, and tools.
    • Ability to obtain a government clearance (US Citizenship is required).

     Desired Skills

    • Fundamental knowledge of industry standard information security tools (i.e., Wireshark, Kali Linux, TCP Dump, NMAP, etc.).
    • Knowledge of common L4-L7 protocols such as SSL, HTTP, DNS, SMTP and IPsec.
    • Knowledge of TCP/IP, computer networking, routing, switching and packet analysis tools.

     

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed