Information Systems Security Manager; ISSM), JM - PR Security Clearance

Position: Information Systems Security Manager (ISSM), JM - PR 1370 with Security Clearance
PE Systems, Inc. has a great opportunity for a Information Systems Security Manager (ISSM), JM - PR 1370 supporting Nuclear Command, Control, and Communications (NC3) Program at Hanscom AFB, MA location. The candidate will perform work that applies a broad theoretical and practical knowledge of engineering to the planning, design, and implementation of secure and resilient communications and information systems.

At PE Systems, Inc., we truly value our employees. We unite exceptional talent with rewarding careers. Our dedicated team enjoys generous PTO, holidays, competitive pay, and outstanding benefits! Voted Best Places to Work in Dayton since 2022! General Function:
* Shall ensure that all system and application deliverables meet the requirements of all National, Federal, DoD, and Department of the Air Force Cybersecurity policies as identified in the following paragraphs or as required by law.
* Shall be able to perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
* At the initiation of the period of performance and throughout the period of performance of the contract the Contractor shall ensure personnel performing cybersecurity activities obtain and remain current with qualification requirements as directed by DoDI 8140.02, Identification, Tracking and Reporting of Cyberspace Workforce Requirement, and outlined in DoDM 8140.03- M Cyberspace Workforce Qualification and Management Program, and AFMAN 17-1303, Cybersecurity Workforce Improvement Program.

* Support of system/application Assessment and Authorization (A&A) efforts, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing National, DoD, and Department of the Air Force policies (i.e., Risk Management Framework (RMF)).
* Recommend policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data.
* Conduct risk and vulnerability assessments and inspections of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
* Evaluate threats and vulnerabilities to information systems to ascertain the need for additional safeguards.
* Participate in meetings/teleconferences, change control boards (CCBs) and working groups (WGs) to ensure the continued alignment of cybersecurity requirements in the technical baselines, the system security architecture, information flows, design, and the security controls.
* Evaluate system sources of changes such as Deficiency Reports (DRs), Problem Reports (PRs), Change Requests/Proposals (CRs/CPs), and AF Form 1067s; provide inputs to the root cause analysis reporting and the formulation of recommended solution from alternatives; determine the security impacts of proposed or actual changes to the system, environment, threats, and vulnerabilities; and if any, document in written reports the changes/revisions to the system's RMF artifacts.

* Review and provide inputs to modification packages, program/system documents and support agreements updates, and communications and network infrastructure upgrades to ensure proper cybersecurity configuration modification management; implementation of technical, managerial, operational requirements; and support requirements (e.g. planning, testing, test infrastructure, documentation, training, etc.) are identified.
* Review system test plans and test results and if necessary, observe system testing for security control implementation IAW cybersecurity policies, guidance, and plan. Document findings in a report.
* Perform security impact analysis on any system change and appropriately prepare letters of assurance, security impact letters, and risk assessment letters to include exceptions, deviations, or waivers to cybersecurity requirements when applicable.
* Continuously monitor intelligence and open-source information for vulnerabilities affecting systems, assess risk, and provide POA&M recommendations.
* Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals.
* Conduct systems security monitoring, evaluations, audits, and reviews.
* Recommend systems security contingency plans and disaster recovery procedures.
* Recommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
* Participate in network and systems (to include cryptographic) design to ensure implementation of appropriate systems security policies.
* Knowledge of cryptography and cryptographic key management concepts.
* Facilitate the gathering, analysis, and preservation of…