Information Systems Security Manager II Security Clearance

Position: Information Systems Security Manager II with Security Clearance
Amyx is seeking to hire a Information Systems Security Manager-Advanced to support our Cybersecurity Division in the NCE Springfield, VA area. Responsible for the cybersecurity of a program, organization, system, or enclave. Responsibilities
* Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
* Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program.
* Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture.
* Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements.
* Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
* Collect and maintain data needed to meet system cybersecurity reporting.
* Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.
* Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance.
* Ensure that security improvement actions are evaluated, validated, and implemented as required.
* Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
* Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
* Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture.
* Establish overall enterprise information security architecture (EISA) with the organization's overall security strategy.
* Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
* Evaluate cost/benefit, economic, and risk analysis in decision-making process.
* Identify alternative information security strategies to address organizational security objective.
* Identify information technology (IT) security program implications of new technologies or technology upgrades.
* Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information.
* Interpret and/or approve security requirements relative to the capabilities of new information technologies.
* Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
* Lead and align information technology (IT) security priorities with the security strategy.
* Lead and oversee information security budget, staffing, and contracting.
* Manage the monitoring of information security data sources to maintain organizational situational awareness.
* Manage the publishing of Computer Network Defense guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports,
* Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection.
* Oversee the information security training and awareness program.
* Participate in an information security risk assessment during the Security Assessment and Authorization process.
* Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
* Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
* Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans.
* Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities.
* Provide system-related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents.
* Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to higher headquarters.
* Recognize a possible security violation and take appropriate action to report the incident, as required.
* Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
* Recommend policy and coordinate review and approval.
* Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
* Track audit findings and recommendations to ensure that appropriate…