Information Systems Security Manager (ISSM)

Job Description

Job Description

Apogee Solutions, a Woman-owned Small Business, is seeking an Information Systems Security Manager (ISSM) at Shaw Air Force Base, SC to provide support for the oversight and management of multiple disciplines to support the 25th Attack Wing (25 ATKW) mission across three geographically separated locations.

The ISSM will assist with wing-level interface between HQ ACC, AFGSC, AFSOC, AETC, Combat Air Force units, and other USAF, Department of Defense (DoD) and U.S. Government agencies.

Responsibilities:

• Serve as the 25 Attack Wing Information Assurance Officer (IAO) for Advanced Programs with responsibility for planning, analysis, acquisition, design, development, implementation, quality assurance, configuration, installation, integration, maintenance testing, operational integrity, and systems security of Automated Information Systems and classified Local Area Network/Wide Area Network (LAN/WAN) systems that support the Wing Advance Program Office and associated Special Access Program Areas.
• Assist in the development of Wing Level guidance for applying security policy, procedures, techniques, equipment, and methods to a variety of work situations and various levels or degrees of security controls. Research, interpret, and apply National, DoD, Director of Central Intelligence Directive (DCID), Joint Air Force Army Navy (JAFAN), USAF, and MAJCOM policies classifying and protecting special access program systems, national defense, and other sensitive information originated or controlled by the wing and associated personnel.
• Certify special access AIS to ensure compliance with governing directives and procedures. Coordinate approval of AIS with USAF and MAJCOM. Conduct initial isolation and containment of AIS involved in improper configuration and usage.
• Advise GSSO and information systems security representatives on proper methods of handling, destruction, and storage of AIS media.
• Assist in the development and implementation of established security policies, practices, procedures, and techniques to a variety of organizations or situations that differ in kind and level of security, complexity, and local conditions or circumstances requiring adjustment or modification of established approaches. Assesses circumstances to determine if a deviation from standard security and investigative standard is warranted and justify the approval of temporary waivers.
• Assist unit-level Information Assurance Officers in implementing AIS security education programs.
• Advise IAOs of security training requirements, changes in security procedures, publication of security directives, and enhancements designed to increase security of AIS.
• Conduct the Information Assurance Awareness Program training for both initial and recurring information protection training. Maintains required course records.
• Develop methods of adapting regulations to the local serviced organizations. Give security briefings to new employees during orientation and at other times when necessary.
• Assist in the performance of self-inspection and presents detailed and comprehensive report with any corrective action taken by the wing. Follows-up to ensure complete and quality resolution of discrepancies.
• Manage the Network Security Program.
• Implement and advise on IT security policies and procedures to ensure protection of information transmitted to the installation, among organizations on the installation, and from the installation using Local Area Networks (LAN), Wide Area Networks (WAN), or other communications modes.
• Utilize current and future multi-level security products collectively to provide data integrity, confidentiality, authentication, non-repudiation, and access control of the LAN. Reports to USAF and MAJCOM all incidents involving viruses, tampering, or unauthorized system entry.
• Implement guidance to ensure the protection of Internet information and reduce the risk associated with automated processing of information/data in an effective manner.
• Administer customer accounts, create and delete user accounts, assign and reset passwords, and ensure firewalls are installed to decrease possibility of virus infiltration. Control access to prevent unauthorized persons from using network facilities. Limit access to privileged programs (i.e., operating system, system parameter and configuration files, and databases), utilities, and security-relevant programs/data files to authorized personnel.
• Assist in the development and implementation of methods to prevent or minimize direct access, electronic or other forms of eavesdropping, interpreting electro-mechanical emanations, electronic intercept, telemetry interpretation, and other techniques designed to gain unauthorized access to IT information, equipment, or processes.
• Evaluate unusual circumstances to recognize and define potential vulnerabilities and select and oversee the installation of physical and technical security barriers to prevent others from improperly obtaining such information.
• Proactively interact with users to ensure proper operation of computer systems, hardware, and software. Demonstrate processes and provides orientation and ongoing training for users. Provide technical hands-on assistance with software installations, hardware configurations, and communication networking. Provide ongoing technical support to customers to ensure proper functional use of equipment and programs and to prevent undue interruptions to IT services.
• Track life of system equipment, prepares and provides analyses to determine future maintenance and replacement costs to help justify budget submissions.
• Oversee the use of automated systems by providing instructions to functional area users on processes to include database and file accessing techniques, search strategies, processing and space utilization efficiencies, database security procedures, backup and program recovery techniques, and testing techniques.
• Provide management with information necessary to address difficult and complex problems in automating work processes.
• Support customers to resolve integration or configuration related issues associated with a variety of different system platforms, operating systems, applications, and desktop configurations. Develops and maintains a trouble resolution database.

Requirements:

• US Citizen with the ability to pass a background check, to include Federal Bureau of Investigation (FBI) fingerprint check and National Agency Check with Written Inquires (NACI)
• Active, adjudicated TOP SECRET / SCI Clearance
• Minimum of five (5) years of IT experience, with a CompTIA Security+ certification meeting DoD 8570.01-M IAT Level II position requirements
• Per DoD 8570.01-M, this position must achieve the appropriate IA certification (CISSP) within 6 months of assignment of these duties
• No negative administrative, judicial, non-judicial, or criminal action/record in previous civilian or military employment for 5 years
• No history of being terminated from civilian employment, denied reenlistment, administratively discharged, or separated from the military under any condition other than honorable
• Demonstrated ability to operate effectively within fast-paced, mission-driven settings while maintaining accuracy, discretion, and compliance with applicable policies and regulations
• Possess strong business acumen and professional judgment, with demonstrated proficiency in Microsoft Office 365 applications, including but not limited to Outlook, Word, Excel, PowerPoint, Teams, and SharePoint
• Must have a strong attention to detail and be highly organized