*This is a contingent opportunity

Information Systems Security Manager (ISSM)

K2 Group is searching for an ISSM to support the Air Force Research Laboratory Sensors Directorate (AFRL/RY) at Wright-Patterson Air Force Base, OH.

Duties:

• Be the Directorate’s Certification & Accreditation (C&A) process expert.
• Perform C&A duties in compliance with the Risk Management Framework (RMF) structure at the SCI and below level in accordance with all applicable regulations.
• Follow AFRL procedures to use the Enterprise Mission Assurance Support Service (eMASS), AFRL Enterprise Business System (EBS), Xacta or other workflow tools to obtain an Interim Approval to Operate IATO/ Approval to Operate (ATO).
• Prepare, submit, and track all Directorate C&A packages of all Research, Development, Test, & Evaluation (RDT&E) computer information systems for base-level and higher headquarters approval, and ensure that all systems are following DoD Information Technology (IT) C&A guidance.
• Submit a quarterly Plan of Action and Milestones (POA&Ms) to HQ AFRL and maintain 100% accountability for all accredited systems and RDT&E systems requiring POA&Ms.
• Ensure the Directorate C&A community remains updated on eMASS; review eMASS registration workbooks, recommend changes/clarification and submit updated workbooks to HQ AFRL for registration of Point-to-Point, Standalone, Standalone Enclave systems having a Federal Information Security Management Act (FISMA) requirement.
• Coordinate any changes or modifications to hardware, software, or firmware of a system directly with the Authorizing Official (AO)/ Delegated Authorizing Official (DAO) prior to the change.
• Conduct routine maintenance, perform backups, and install upgrades and patches to the systems and networks.
• Produce artifacts that include but not limited to answers, implementation, documentation, and testing of applicable Information Assurance (IA) controls, topology diagrams, hardware lists, software lists, ports and protocols lists, and plan of action and milestones.
• Complete or assist in the completion of vulnerability scans and DISA STIG reviews.
• Research and propose solutions for identified risks to eliminate or mitigate adverse impact to an acceptable level.
• Interact and coordinate with system program managers to create, update, and maintain system documentation and supporting artifacts related to the RMF process.

Requirements:

• Five (5) years of relevant experience

Certifications:

• SPēD Security Fundamentals Professional Certification (SFPC) – required at start
• Microsoft SQL Server Management Studio (or Security+) – required at start
• SPēD Security Asset Protection Professional Certification (SAPPC) – required within 6 months of entry on duty
• Must hold a DoD 8140.03-compliant certification (at start):
• Information Assurance Technical (IAT) Level II (required)
• Information Assurance Technical (IAT) Level III (preferred)

Clearance:

• Active Top Secret/SCI

Benefits: K2 Group’s benefit offerings include: Medical/ Dental/ Vision Insurance; FSA Medical & FSA Dependent Care; Pre-tax 401(k) & ROTH 401(k) plans; Profit Sharing Plan; Life & Accidental Death Insurance; Short Term/ Long Term Disability; Voluntary Group Life Insurance option; Tuition Reimbursement; Job-related Course Reimbursement; Holiday Pay; and Paid Time-Off