Cybersecurity – Information System Security Manager (ISSM)

About The Position

Requirements

• Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC, or CISM)
• 5+ years of experience with cyber security policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series
• 3+ years of experience implementing and sustaining Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012/National Institute of Standards and Technology (NIST) SP 800-171 controls and mapping to Cybersecurity Maturity Model Certification (CMMC) requirements
• This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)
• This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee.

Nice To Haves

• 5+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs
• 5+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
• 5+ years of experience assessing and documenting test or analysis data to show cyber security compliance

Responsibilities

• Leads a team of ISSOs performing cybersecurity governance work on CUI, DFARS, and CMMC systems
• Performs security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards
• Oversees configuration management of assigned systems; auditing systems to ensure security posture integrity
• Leads staff with assessments and test/analysis data to document state of compliance with security requirements
• Conducts risk assessments and investigations, execute appropriate risk mitigations, and oversee incident response activities
• Conducts periodic hardware/software inventory assessments
• Serves as organization spokesperson on advanced projects and programs
• Acts as advisor to management and customers on advanced technical research studies
• Interfaces with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements

Benefits

• At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.
• Pay is based upon candidate experience and qualifications, as well as market and business considerations.