Information Systems Security Manager (ISSM) Consultant
Edison, NJ

Job Description

This position is a part-time consultant position serving as the Information Systems Security Manager (ISSM) Consultant for our Client. The ISSM will be responsible for the security oversight of a small company in an adviser capacity. The ISSM will be able to navigate and articulate to the NIST Risk Management Framework (RMF) along with the federal guidelines that have been mandated by the Federal Information Security Management/Modernization Act (FISMA) for federal agencies to maintain their compliance.

SECURITY CLEARANCE:

* Must be a U.S. Citizen with either a DoD Secret (S) or Top Secret (TS) security clearance.

ESSENTIAL JOB DUTIES AND RESPONSIBILITIES:

* Provide a high level of technical understanding for problem solving and troubleshooting.
* Interact with hardware and software vendors to address issues when necessary.
* Use escalation standards and personal judgment to ensure timely resolution of problems.
* Provide training and support to employees when necessary.
* Serve as the adviser for classified/unclassified systems
* Understand each step of the Risk Management Framework
* Ensure that continuous monitoring activities are being completed/reviewed
* Vulnerability Scans
* Audit Logs
* Access Logs
* Compliance
* Policy Updates
* Contingency Plan Tests/Training
* Privacy Threshold Analysis (PTA)/Privacy Impact Analysis (PIA)
* Plan of Actions & Milestones (POA&M)


* Maintain a thorough understanding of NIST 800-53 (current revision)
* Review FIPS 199 Categorization Form to ensure accurate data types and the proper baseline (Low, Moderate, High) are used
* Ensure proper safeguards are being for the proper storage of data at rest and transit
* Identify deficiencies with information systems and recommend/implement design changes as appropriate.
* Ensure proper record retention practices
* Ensure that a Common Control Program is implemented at the organization level
* Ensure that all Assessment and Accreditation activities are completed
* The above duties and responsibilities are not intended to limit specific duties and responsibilities of any particular position.
* Generate Build of Materials, Cost Estimates and Solution recommendations.
* Manage Firewalls, maintain firewall policy, and provide security configurations recommendations.
* Respond to cyber incidents as defined in incident response SOPs.
* Other duties as assigned.

EDUCATION/EXPERIENCE/SPECIALIZED KNOWLEDGE AND COMPETENCY REQUIREMENTS:

* Bachelor's Degree from an accredited college or university in Network Engineering, Telecommunications, or Computer Science required, equivalent years of experience will be considered in lieu of degree, or a Masters with 2 + years of prior relevant experience.
* At least seven (7) years experience working in the communications/cable/IT industry required.
* CISSP, CISA and CISM Security Certifications are preferred.
* Project Management Certification preferred.
* Must hold a baseline certification as stipulated in DoD 8570.01-M.
* Experience with Windows, Windows Server, Linux and UNIX (Solaris) OS.
* Understanding of TCP/IP, VLANS and routing protocols (EIGRP, OSPF, BGP).
* Understanding of IP services (DHCP, TFTP and DNS).
* Organizational Skills (ability to organize large amounts of data in a logical manner).
* Excellent Troubleshooting Skills and usage of tools such as ping, telnet and trace route.
* Strong communication skills are required.
* Excellent documentation skills are required.
* Ability to convey technical concepts to non-technical executives and managers.
* Competent administrator of mixed-technology solutions.
* Act as part of a structured operations team in support of resolving technical issues.
* Availability to troubleshoot and resolve issues during off-work hours and/or extended hours when outages or projects required.

PHYSICAL REQUIREMENTS/EFFORT:

* May require long periods of sitting at a desk, working on a computer.



WORKING CONDITIONS:

* Office environment.
* Flexibility to work evenings and weekends as needed.