Information Systems Security Manager (ISSM) / Cybersecurity Specialist
McKean Defense is a Naval Life Cycle Management, Engineering, Enterprise Transformation and Program Management business headquartered in Philadelphia, PA. McKean’s engineers, developers, technical staff, programmers, analysts, and program managers identify and deploy new shipboard technologies, integrate information technology across shipboard platforms, and develop strategies to support the Warfighter. McKean’s employees create strategic solutions to help customers reach new levels of mission support and transform their organizations. McKean Defense is employee owned, and values the life experiences of potential candidates, including those who have served our Military. Currently, 38% of McKean’s employee owner workforce are veterans.
McKean Defense is seeking a Cybersecurity professional to serve as an Information Systems Security Manager (ISSM). As ISSM, you will provide Risk Management Framework (RMF) Accreditation Service support to Naval Surface Warfare Center Philadelphia Division (NSWCPD). The effort includes preparation, review, revision, and maintenance of RMF A&A Packages and supporting the accreditation process from Step 1 through Step 6 as required.
1) RESPONSIBLE FOR THE CYBERSECURITY OF A NAVY CONTROL SYSTEM-OF-SYSTEMS, NAVY CONTROL SYSTEM-OF-SYSTEMS SUBSYSTEM OR A STANDALONE NAVY CONTROL SYSTEM, BALANCING RISKS AND IMPACTS TO THE SYSTEM(S) AND THE MISSIONS THEY SUPPORT; THE ISSM IS ACCOUNTABLE TO THE SYSTEM PROGRAM MANAGER/OWNER.
2) RESPONSIBLE FOR WORKING WITH THE SYSTEM ENGINEERS AND SYSTEM INFORMATION SYSTEM SECURITY ENGINEERS (ISSES) TO DERIVE, DEFINE, ALLOCATE AND DOCUMENT THE CYBERSECURITY FUNCTIONAL, PERFORMANCE, DESIGN, TESTING AND EVALUATION REQUIREMENTS FROM NUMEROUS FEDERAL, DOD AND DON SOURCES TO INCLUDE, BUT NOT LIMITED TO: DODI 8500.1, DOD 8510.01, NIST SP 800-53, CNSSI 1253, NAVSEA 9400.2-M, FIPS-199, AND US NAVY CROSS-SYSCOM IA TAB STANDARDS.
3) MAINTAINS THE CYBERSECURITY POA&MS FOR THE DEFINED CYBERSECURITY REQUIREMENTS, SUPPORTED BY THE SYSTEM ENGINEERS AND SYSTEM INFORMATION SYSTEM SECURITY ENGINEERS (ISSES).
4) RESPONSIBLE FOR PROVIDING FOCUSED CYBERSECURITY PLANS, PROCESSES, GUIDANCE AND RISK ASSESSMENTS TO THE PROGRAM MANAGER/OWNER, SYSTEM ENGINEERS AND SYSTEM INFORMATION SYSTEM SECURITY ENGINEERS (ISSES).
5) PROVIDE CYBERSECURITY TECHNICAL DESIGN SUPPORT IN A WAY THAT WILL RESULT IN AN ACCEPTABLE LEVEL OF RISK TO THE OPERATIONAL SYSTEM.
6) SUPPORTS CYBERSECURITY RISK ASSESSMENTS (E.G. CAKE), CYBER TABLE TOPS (CTTS) AND ANY REQUISITE PENETRATION TESTING.
7) PERFORM ALL REQUIRED AND APPROVED INFORMATION SYSTEM SECURITY MANAGER (ISSM) RISK MANAGEMENT FRAMEWORK (RMF) PROCESS STEPS IN ACCORDANCE WITH NAVSEA 9400.2-M AND USN RISK MANAGEMENT FRAMEWORK PROCESS GUIDE, SUPPORTED BY THE SYSTEM ENGINEERS AND SYSTEM INFORMATION SYSTEM SECURITY ENGINEERS (ISSES).
8) MAINTAINS AND REPORTS SYSTEM'S ACCREDITATION AND AUTHORIZATION (A&A) STATUS AND ISSUES.
9) PARTICIPATE IN RMF PROCESS MEETINGS.
Self-Starter with the ability to lead others and push projects to completion
CompTIA Security+ certification or equivalent
Ability to obtain/maintain a DoD Secret security clearance
Bachelor's Degree required (Engineering, Computer Science, or Cybersecurity related degree preferred)
Prior Risk Management Framework (RMF) or Certification and Accreditation (DIACAP) experience required (preferably 2 years minimum)
Prior Vulnerability Assessment and Mitigation experience preferred
DoD STIG experience preferred
Equal Opportunity Employer–minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity.
McKean Defense is an E-Verify company.
Job Status: Full Time