Information Systems Security Manager (ISSM)
Summary
Title: Information Systems Security Manager (ISSM)
ID: 254
Department: Cybersecurity
Location: Bethesda, MD
Description

Excentium, Inc. is a service-disabled veteran-owned small business that provides Cyber Security Engineering, Information Assurance (IA), Program Management, and other Information Technology (IT) services to Government and commercial organizations.

We have an opportunity for an Information Systems Security Manager (ISSM) to support one of our Federal customers in the Falls Church, VA area.

MINIMUM CLEARANCE LEVEL: Active DOD Secret Clearance
CITIZENSHIP: US Citizenship
LOCATION:

Position Description:
The ISSM shall assist the entire team in support of the WRNMMC in the cybersecurity lifecycle process for health care systems/applications. Activities will include risk assessments, annual reviews, and ATOs. The ISSM will prepare and maintain a current POA&M that identifies system weaknesses, vulnerabilities, and proposed mitigation activities and recommendations; mitigation schedules based on the availability of required resources; the points of contact responsible for mitigation activities; and the status of the mitigation/remediation activities. The candidate will support information system life cycle activities, from rapidly establishing systems to support classified proposals, to scoping systems for new programs and preparing Risk Management Framework packages, to regular maintenance, support and upgrades of systems during program execution, to program close-out and de-certification activities.


Responsibilities:

Perform the following:

  • Support the WRNMMC in the cybersecurity lifecycle for health care systems/applications. Activities will include risk assessments, annual reviews, and ATOs.
  • Use eMASS to maintain the cybersecurity status of systems and create ATO packages.
  • Ensure system security measures comply with applicable government policies.
  • Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
  • Maintain a thorough understanding of NIST 800-53 controls, determine which controls are applicable to the application, and document their implementation in the Security Controls Traceability Matrix (SCTM).
  • Provide support for maintaining an appropriate operational information assurance (IA) posture for programs.
  • Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional.
  • Assist in monitoring and resolving Plan of Action and Milestones (POA&M) items to mitigate system vulnerabilities on assigned Information Systems.
  • Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, SCTM).
  • Ensure the privacy of Personally Identifiable Information (PII) and Protected Health Information (PHI) within these systems/applications.
  • Develop remediations, mitigations, risk assessments, and security analyses to support system authorizations, including POA&M development.
  • Be willing to learn other technical areas required for the WRNMMC.
  • Provide technical consulting support.

Skills:

  • Minimum of five (5) years of ISSM experience, preferably with Department of Defense (DoD) lifecycle management and/or the Defense Health Agency.
  • Maintains awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges
  • Customer/mission focused
  • Excellent time management skills; keeps commitments

Qualifications:

  • A minimum of a Bachelor's Degree (B.S.) in Cybersecurity, Computer Science, Electrical Engineering or a related field
  • IAM Level III CISSP, CISM certification.
  • Outstanding communication skills including verbal (listening and speaking), written and presentation
  • Understanding of NIST 800-53 controls
  • Desired knowledge of one or more of the following security tools: AppDetective, WebInspect and/or Fortify.
  • Expertise in one or more security disciplines/areas of expertise including software development, databases, applications, software assurance, operating systems, identity and access management, etc.
  • Knowledgeable in POA&Ms, eMASS, DIACAP/RMF and FISMA
  • Knowledge of HIPAA policies and procedures is highly desirable


Excentium offers a competitive salary and comprehensive benefits package, including medical, dental, life, disability, 401k, and paid time off.


Interested candidates should apply at the following web site: http://www.applicantstack.com/client/Excentium/x/openings for immediate consideration.

Excentium, Inc. is an equal opportunity employer.

This opening is closed and is no longer accepting applications