Colorado Jobs

Colorado Jobs

Job Information

LinQuest Information Systems Security Manager (ISSM) in Colorado Springs, Colorado

DescriptionLinQuest is seeking a Information Systems Security Manager (ISSM) to joinour team at our office in Colorado Springs, CO.The LinQuest Corporation has an opportunity for a motivated and collaborativeInformation Systems Security Manager (ISSM) in Colorado Springs,Colorado. The ISSM provides technical and programmatic Information AssuranceServices to internal and external customers in support of network andinformation security systems. Designs, develops and implements securityrequirements within an organizations business process. Prepares documentationfrom information obtained from customer using accepted guidelines such as RMF(Risk Management Framework). Prepares test plans. Provides assessment andauthorization (AandA) support in the development of security andcontingency plans and conducts complex risk and vulnerability assessments.Analyzes policies and procedures against Federal laws and regulations andprovides recommendations for closing gaps. Develops and completes systemsecurity plans and contingency plans. Recommends system enhancements toimprove security deficiencies. Develops, tests and integrates computer andnetwork security tools. Secures system configurations and installs securitytools, scans systems in order to determine compliancy and report results andevaluates products and various aspects of system administration. Conductssecurity program audits and develops solutions to lessen identified risks.Develops strategies to comply with privacy, risk management, ande-authentication requirements. Provides information assurance support for thedevelopment and implementation of security architectures to meet new andevolving security requirements. Evaluates, develops and enhances securityrequirements, policy and tools. Provides assistance in computer incidentinvestigations. Performs vulnerability assessments including development ofrisResponsibilities:Candidate shall have a strong experience with customer's accreditationprocess (e.g. NIST800-53, DAAPM, JSIG)Conduct assessments of existing IT architecture for compliance with securityrequirements from applicable security frameworks and customer requirements.Provide technical and procedural Information System (IS) Security adviceto government and industrial teams.Produce high-quality documentation to support the System SecurityAccreditation process, such as bodies of evidence (BOEs), systemsconcept of operations, policies and procedures, and system security plans(SSPsServe as subject matter expert (SME) to Development teams as they addressPlan of Actions and Milestones (POAandM) resulting from security scansManage day-to-day security posture and continuous monitoring of IS includingsecurity event log review and analysis.Ensure system security measures comply with applicable government policies.Provide configuration management and accurately assess the impact ofmodifications and vulnerabilities for each system.Conduct reviews and technical inspections (as prescribed by the Lead ISSM)to identify and mitigate potential security weaknesses and ensure that allsecurity features applied to a system are implemented and functional.Create and monitoring and resolving Plan of Action and Milestones(POAandM) to mitigate system vulnerabilities on assigned Information Systems.Draft and/or prepare and maintain security Assessment and AuthorizationdocumentationCoordinate with PSO or cognizant security official on approval of ExternalInformation Systems (e.g. guest systems, interconnected system withanother organization);Ensure System Administrators (SA) monitor all available resources thatprovide warnings of system vulnerabilities or ongoing attacks;Ensure approved procedures are used for sanitizing and releasing systemcomponents and media;Maintain a repository of all security authorizations for IS under theirpurview;Ensure proper measures are taken when an IS incident or vulnerability isdiscoveredEnsure data ownership and responsibilities are established for each IS, andspecific requi

DirectEmployers