Cybersecurity (CS) Operations Manager

The Cybersecurity (CS) Operations Manager will be responsible for the management of 8-13 Information System Security Officers (ISSOs) and Information System Security Engineers (ISSEs) who are responsible for maintaining CS protection of all the government agency’s data and systems. The team will provide technical support to maintain the confidentially, integrity, and availability of data and privacy of IT and mission information systems. The lead will support the government CISO in executing the CS requirements for information technologies through the use of the Risk Management Framework (RMF) consistent with the principles established in National Institute of Standards and Technology (NIST).

As the manager, the individual will serve as a technical lead who will serve as an ISSO or ISSE as needed. The individual will perform such functions as:

• Identify and inject RMF requirements into acquisition processes, requirements development, procurement, and IT (hardware and software) development efforts.
• Provide services to include proactive security vulnerability assessment, implementation, and monitoring of all computer systems and network infrastructure.
• Perform vulnerability/risk analyses of computer/network systems and applications during all phases of the system development lifecycle.
• Assist in conducting certification and accreditation on applications IAW the RMF.
• Create processes, assesses incident reports, and develops and implements crisis communication plans.
• Create compliance reports, supports the audit process, measures cybersecurity operations performance metrics, and reports on cybersecurity operations to the government CISO and CIO.

As the manager, responsibilities include interviewing, selection and hiring; training new and existing employees; planning, assigning and directing work; addressing employee performance and corrective action plans; employee motivation and rewards. This person will serve as a key member of the IT management team, who will work with other team leaders and task areas to:

• Clarify/resolve process-related activities for technical team.
• Monitor and report progress against plans through final acceptance and signoff.
• Manage, coordinate, and resolve project issues, decisions, and risks.

If the candidate is already on the program, the candidate will maintain Individual Contributor (IC) role. If the candidate is not, then the individual would also need to be selected for an open IC role.

Mandatory Qualifications:

• Bachelor's degree (preferred area of study: Computer Science, Cybersecurity, Data Science, Information System, Information Technology or Software Engineering) with 12 years of experience, may have supervisory or lead experience.
• Active Top Secret clearance with SCI eligibility
• One of the following active certifications: CISM, CISSP, CISSP-ISSMP, FITSP-M, GCIA, GCIH, GICSP, or GSLC.
• Well-versed in best practices for cyber security program standards, processes, and procedures compliance, industry-standard security frameworks and demonstrated expert working knowledge of NIST Special Publication (SP) 800-53: Recommended Security Controls for Federal Information Systems, NIST SP 800-53A: Guide for Assessing the Security Controls in Federal Information Systems, AFPD 17-1 and AFI 17-130, Cybersecurity Program Management.
• Experience writing security policies and procedures, Cyber Security Strategy (CSS), System Security Plan (SSP), System Security and Privacy Plan (SSPP), and assess all ATO package artifacts.
• Demonstrated strong written and verbal communication skills.
• Demonstrated strong customer and partner relationship building skills.

Desired Qualifications:

• Experience transitioning from RMF v4 to v5.
• Basic understanding of identity and access management system capabilities and configuration.
• Experience with cloud computing platforms such as AWS and Azure.
• Experience with TASKORDS, OPORDS, etc.
• Experience leading Cybersecurity (ISSO & ISSE) teams.