Information Systems Security Manager

Overview

Arcfield was purpose-built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit arcfield.com for more details.

Responsibilities

This is a position for an Information System Security Manager who will join the Cyber Security Team in Chantilly, VA. We are looking for a driven self-starter who works well in a fast-paced team environment. The candidate will report directly to the CISO, manage a team, and will provide support in operating and scaling the information security program at Arcfield.

Responsibilities:

• Career level with a complete understanding and wide application of technical principles, theories and concepts.
• Provides technical solutions to a wide range of difficult problems.
• Independently determines and develops approach to solutions. Prepare, maintain, and implement System Security Plans that accurately depict the customer’s contractual requirements.
• Develop, implement, enforce, and monitor security policies across systems to maintain compliance with organizational and federal standards.
• Responsible for the oversight and accountability of day-to-day security operations of all classified information systems.
• Support all disciplines within the security program and ensure business needs and mission are met.
• Works directly with program managers, engineers, and the information assurance team on all phases of system life cycle development.
• Leads the team working with US Government Security Control Assessors (SCAs) and Authorizing Officials (AOs) to develop a comprehensive RMF package including System Security Plans (SSPs), Information Continuous Security Monitoring Plans, and a Body of Evidence to support system authorization.
• Interact with internal and external customers or government officials to perform security duties, address routine information security matters with employees regarding issues, report preparation, and system security access briefings, etc.
• Develops and implements facility procedures to govern marking, handling, controlling removing, transporting, sanitizing, reusing and destroying media and equipment containing classified equipment.
• Responsible for changes to the classified system components, environment and location, including temporary relocation to another classified area.
• Manages reporting and mitigation of information system security incidents. Initiates protective and/or corrective measures designed to prevent future incidents.
• Proficiency with various computer applications and testing tools (Word, Excel, PowerPoint, Nessus, Splunk, etc.).
• Strong background in assessment and authorization process of information systems and ability to write, review, and coordinate system security plans.
• Keeps abreast of industry best practices and trends, customer policies and changes, as well as new technologies, and then plans and advises for implementation.

Qualifications

Required Education, Experience, & Skills

• Either a bachelor’s degree and 10-12 years of experience; or a master’s degree and 8-10 years of experience in working with IT Security policies and government frameworks.
• Must possess and be able to maintain a TS/SCI clearance with Polygraph.
• DoD 8140.03 (8570) certification (IAM Level II – CISSP, CISM, GSLC, CASP/SecurityX).
• Experience in achieving an ATO(s) through any of the following security frameworks: FedRAMP, NIST 800-53, NIST 800-171, CNSS 1253, etc.
• Understanding of simple networks, operating systems (Microsoft Server, Windows, Linux), and computer functions.

Desired Qualifications & Skills

• High level of personal motivation and initiative to learn and acquire new skills and adapt seamlessly to an ever-changing security environment.
• Self-motivated individual who requires limited supervision and has excellent time management skills.
• Strong organizational and communication skills, particularly in technical reports, presentations, and policy documentation management.
• Familiarity with Intelligence Community (IC) information assurance and cyber systems and processes.
• Able to interface with other team members, other security disciplines, engineers, and program personnel.
• Experience in managing and operating information security tools such as Nessus, Splunk, or equivalent vulnerability management platforms, with cloud security services, etc.
• Experience in understanding and documenting information system specifications and security controls, including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.

EEO Statement

We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.