Job Description
Date Posted:
2025-02-11
Country:
United States of America
Location: HVA34: Sterling, VA 22640 Davis Dr , Sterling, VA, 20164-7104 USA
Position Role Type:
Onsite
Our team in Sterling, Virginia, is seeking an Information System Security Manager (ISSM). The Information Systems Security Manager is responsible for compliance oversight, assessment, and operations of systems under their purview. They may be assigned to a single large-scale program or oversee multiple programs. The ISSM will have joint support efforts in Richardson, TX and Sterling, VA.
Must have knowledge regarding National Industrial Security Operating Manual (NISPOM) and related documentation such as:
Risk Management Framework (RMF),
Baseline Technical Security Configuration Standards,
Defense Counter-Intelligence Security Agency (DCSA)
Assessment and Authorization Process Manual (DAAPM)
Customer/contract specific Cybersecurity regulations.
Joint Special Access Program
Implementation Guide (JSIG)
Components of the cybersecurity (CS) program include Assessment and Authorization (A&A) activities (documentation preparation, system configuration/validation, certification testing, etc.), security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.), conducting self-inspections, and delivering information systems security education and awareness.
You will conduct recurring Cybersecurity reviews on information systems in accordance with DoD Manuals, NIST Special Publications, customer directives, and company policies as applicable (see list below for further details).
You'll serve as subject matter experts (SME) on a broad range of Cybersecurity topics. You may represent the Cybersecurity organization and business unit to external Cybersecurity counterparts.
What You Will Do
ISSMs are required to maintain IAM Level III certification commensurate with their role as required by DoDD 8140 (8570).
Complete all DCSA and Collins Aerospace required training within 6 months of appointment (annual requirements thereafter).
Accountability for all systems under their assigned purview.
Maintaining a working knowledge of all CIS functions, security policies, technical security safeguards, and operational security measures.
Interactions with DCSA SCA/ISSP to track items including, but not limited to, upcoming authorizations (ATO), new technologies solutions (i.e., new SIEM, OS, etc.), policy interpretations (in conjunction with Site ISSM), and onsite A&A.
Developing, maintaining, and updating, in coordination with all system stakeholders (CS Manager, ISO, DT, etc.), applicable site POAM(s) to identify system weaknesses, mitigating actions, resources, and timelines for corrective actions.
Coordinating DCSA SVA preparation activities for assigned CAGE in conjunction with Site ISSM.
Qualifications You Must Have
A University Degree or equivalent experience and minimum 8 years prior relevant experience, or an Advanced Degree in a related field and minimum 5 years experience
Experience supporting cybersecurity compliance as stipulated by DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), and/or National Industrial Security Program Operating Manual (NISPOM) regulations
Past direct leadership or project/program management experience
IAM Level III certification (CISSP or other)
Relevant Experience Considered:
Cybersecurity, systems security or hardening
Networking
Compliance-based auditing using the Risk Management Framework (RMF) and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA
Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics)
Physical security/security, policework/criminal justice, investigations, or Border Patrol
Project or program management, office management, senior administration, or account management
Active and transferable U.S. government issued Secret security clearance is required prior to start date.
U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Important note: Within six months of hire date, you must obtain and maintain a Security professional certification commensurate with IAM Level III certification.
Qualifications We Prefer
Master?s Degree in Computer Science, Information Systems, Information Technology, Cyber Security, Criminal Justice, Business or other relevant degree
Experience with various information system security tools that address vulnerability analysis and mitigation.
These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.
Experience in the oversight and execution of the Assessment & Authorization processes (Certification & Accreditation), as defined in JSIG/RMF
Experience in the execution and management of Information System?s (IS) incident response and administrative inquiries/investigations in collaboration with the Investigations department
Experience in and execution of a continuous monitoring/improvement program (to include but not limited to self-inspections, security control assessments, training, log management systems, automated inventory utilities, etc.)
Experience working with Jira/Confluence.
Experience working with the customer, both internal and external in the development of Basis of Estimates (BOE's) and contract negations
Experience with any of the following: NISPOM, JSIG/RMF, and ICD-503 or equivalent requirements to include technical computer/network system auditing
Experience in professional engagements with internal and external customers (i.e., AOs, DAOs, SCAs, Program Managers, etc.), to include negotiating controls/requirements with government Contracting Activities
The salary range for this role is 112,000 USD - 224,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate?s work experience, location, education/training, and key skills.
Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.
Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.
This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.
RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans? Readjustment Assistance Act.
Privacy Policy and Terms:
Click on this link (http://www.rtx.com/privacy/Job-Applicant-Privacy-Notice)
to read the Policy and Terms
Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
2025-02-11
Country:
United States of America
Location: HVA34: Sterling, VA 22640 Davis Dr , Sterling, VA, 20164-7104 USA
Position Role Type:
Onsite
Our team in Sterling, Virginia, is seeking an Information System Security Manager (ISSM). The Information Systems Security Manager is responsible for compliance oversight, assessment, and operations of systems under their purview. They may be assigned to a single large-scale program or oversee multiple programs. The ISSM will have joint support efforts in Richardson, TX and Sterling, VA.
Must have knowledge regarding National Industrial Security Operating Manual (NISPOM) and related documentation such as:
Risk Management Framework (RMF),
Baseline Technical Security Configuration Standards,
Defense Counter-Intelligence Security Agency (DCSA)
Assessment and Authorization Process Manual (DAAPM)
Customer/contract specific Cybersecurity regulations.
Joint Special Access Program
Implementation Guide (JSIG)
Components of the cybersecurity (CS) program include Assessment and Authorization (A&A) activities (documentation preparation, system configuration/validation, certification testing, etc.), security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.), conducting self-inspections, and delivering information systems security education and awareness.
You will conduct recurring Cybersecurity reviews on information systems in accordance with DoD Manuals, NIST Special Publications, customer directives, and company policies as applicable (see list below for further details).
You'll serve as subject matter experts (SME) on a broad range of Cybersecurity topics. You may represent the Cybersecurity organization and business unit to external Cybersecurity counterparts.
What You Will Do
ISSMs are required to maintain IAM Level III certification commensurate with their role as required by DoDD 8140 (8570).
Complete all DCSA and Collins Aerospace required training within 6 months of appointment (annual requirements thereafter).
Accountability for all systems under their assigned purview.
Maintaining a working knowledge of all CIS functions, security policies, technical security safeguards, and operational security measures.
Interactions with DCSA SCA/ISSP to track items including, but not limited to, upcoming authorizations (ATO), new technologies solutions (i.e., new SIEM, OS, etc.), policy interpretations (in conjunction with Site ISSM), and onsite A&A.
Developing, maintaining, and updating, in coordination with all system stakeholders (CS Manager, ISO, DT, etc.), applicable site POAM(s) to identify system weaknesses, mitigating actions, resources, and timelines for corrective actions.
Coordinating DCSA SVA preparation activities for assigned CAGE in conjunction with Site ISSM.
Qualifications You Must Have
A University Degree or equivalent experience and minimum 8 years prior relevant experience, or an Advanced Degree in a related field and minimum 5 years experience
Experience supporting cybersecurity compliance as stipulated by DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), and/or National Industrial Security Program Operating Manual (NISPOM) regulations
Past direct leadership or project/program management experience
IAM Level III certification (CISSP or other)
Relevant Experience Considered:
Cybersecurity, systems security or hardening
Networking
Compliance-based auditing using the Risk Management Framework (RMF) and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA
Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics)
Physical security/security, policework/criminal justice, investigations, or Border Patrol
Project or program management, office management, senior administration, or account management
Active and transferable U.S. government issued Secret security clearance is required prior to start date.
U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Important note: Within six months of hire date, you must obtain and maintain a Security professional certification commensurate with IAM Level III certification.
Qualifications We Prefer
Master?s Degree in Computer Science, Information Systems, Information Technology, Cyber Security, Criminal Justice, Business or other relevant degree
Experience with various information system security tools that address vulnerability analysis and mitigation.
These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.
Experience in the oversight and execution of the Assessment & Authorization processes (Certification & Accreditation), as defined in JSIG/RMF
Experience in the execution and management of Information System?s (IS) incident response and administrative inquiries/investigations in collaboration with the Investigations department
Experience in and execution of a continuous monitoring/improvement program (to include but not limited to self-inspections, security control assessments, training, log management systems, automated inventory utilities, etc.)
Experience working with Jira/Confluence.
Experience working with the customer, both internal and external in the development of Basis of Estimates (BOE's) and contract negations
Experience with any of the following: NISPOM, JSIG/RMF, and ICD-503 or equivalent requirements to include technical computer/network system auditing
Experience in professional engagements with internal and external customers (i.e., AOs, DAOs, SCAs, Program Managers, etc.), to include negotiating controls/requirements with government Contracting Activities
The salary range for this role is 112,000 USD - 224,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate?s work experience, location, education/training, and key skills.
Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.
Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.
This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.
RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans? Readjustment Assistance Act.
Privacy Policy and Terms:
Click on this link (http://www.rtx.com/privacy/Job-Applicant-Privacy-Notice)
to read the Policy and Terms
Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Key skill Required
- Networking
- Account Management
- Confluence
- Cyber Security
- Cybersecurity
- DAOs
- Quality Management
- Accounts
- Accountability
- Affirmative Action
- Analysis
- Authorization
- Awareness
- Change Management
- Clearance
- Collaboration
- Compliance
- Computer Network
- Computer Science
- Configuration
- Continuous Monitoring
- Contracting
- Coordination
- Criminal Justice
- Development
- Documentation
- Electronics
- Hardening
- Hardware Troubleshooting
- Implementation
- Incident Response
- Information System
- Insurance
- Intelligence
- JIRA
- Leadership
- Life Insurance
- Log Management
- Management
- Management Systems
- Negotiating
- Office Management
- Orientation
- Physical Security
- Privacy Policy
- Program Management
- Publications
- Rehabilitation
- Risk Management
- Risk Management Framework
- RTX
- Sap Implementation
- Science
- Security
- Security Clearance
- Security Control
- Short-Term Disability
- System Configuration
- Training
- Troubleshooting
- User Interface
- Validation
- Industrial Security
- Certification Testing
