Information Systems Security Manager (ISSM)/Team Lead Job Listing at SPA in Colorado Springs, CO (Job ID 22677)

Description

Overview

Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted. 

The Space and Intelligence Division provides professional services to the US Space Force, Combatant Commands, Intelligence Community, and NASA. Our work includes enterprise architectural assessments, systems engineering and integration, test, planning and execution, cost estimating and analysis, acquisition support, and cybersecurity.  We are trusted partners developing approaches and concepts to meet emerging high priority needs, assessing cutting-edge technologies, and supporting capabilities for our National Defense.  Come join the fastest growing Division at Systems Planning and Analysis, Inc.!

The Space Systems Group (SSG), part of SPA's Space and Intelligence Division, provides timely and objective assessments and recommendations integrating technical, operational, programmatic, policy and business analysis. We focus on our key clients in the Space community including the US Space Force's Space Systems Command (USSF/SSC), one of the three designated Field Commands under USSF. We work tirelessly to provide integrated solutions based on information and communications throughout the chain of command.  We provide clear and consistent analysis and recommendations which are aligned to strategic and leadership goals while balancing the ability to  execute on time and on budget within the technical communities. Come join an organization responsible for being a key enabler of Spacepower!

SPA has an immediate need for an Information Systems Security Manager (ISSM)/Team Lead.

This is an exciting opportunity to support the United States Space Force (USSF). The Space Systems Command has the collective USSF mission responsibility for the development, deployment, maintenance and sustainment of space systems providing early missile warning capability; environmental sensing; precision navigation, guidance and timing; nuclear event detection; space launch capability; national and military satellite communications capabilities; launch range and network systems; advanced systems; and technology development programs.

The ideal candidate will work in close collaboration with the Program Manager, Information Systems Architect and Information Systems Owner (ISO) to lead the ISSO/ISSE team to ensure security posture is met and maintained, develop security policies, procedures, plans, and all other evidence of compliance with various security controls. Creates and maintains RMF documentation to include Enterprise Mission Assurance Support Service (eMASS) and Information Technology Investment Portfolio Suite (ITIPS) database entries with System Security Plans (SSP), Security Assessment Reports (SAR), Plans of Action & Milestones (POA&M), all other artifacts and documentation tied to the NIST processes. You will provide support to maintain a strong cybersecurity posture for the system until its disposal.

• Develop and maintain an organizational or system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures.
• Ensure that Information Owners (IOs) and stewards associated with DoD information received, processed, stored, displayed, or transmitted on each DoD system are identified in order to establish accountability, access approvals, and special handling requirements.
• Maintain a repository for all organizational or system-level cybersecurity-related documentation.
• Ensure that ISSOs are appointed in writing and provide oversight to ensure that they are following established cybersecurity policies and procedures.
• Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring.
• Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
• Ensure implementation of security measures and procedures, including reporting incidents to the AO and appropriate reporting chains and coordinating system-level responses to unauthorized disclosures for classified information or for CUI, respectively.
• Ensure that the handling of possible or actual data spills of classified information resident in systems, are conducted.
• Act as the primary cybersecurity technical advisor to the AO for DoD systems under their purview.
• Ensure that cybersecurity-related events or configuration changes that may impact DoD systems authorization or security posture are formally reported to the AO and other affected parties, such as IOs and stewards and AOs of interconnected DoD systems.
• Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a DoD system.
• Support implementing the RMF.
• Maintain and report systems assessment and authorization status and issues in accordance with DoD Component guidance.
• Provide direction to the ISSO in accordance with DoDI 8500.01. Address issues affecting the organization's overall security through coordination with the System Owner, Program Manager, ISSO, and UR, as appropriate.

Required Qualifications

• Active DoD TOP SECRET clearance with SCI eligibility 
• Bachelor's Degree with 10+ years of experience in IT/RMF/GRC and leadership; Master's degree equivalent to 4 years experience 
• Meets DoD 8140 ISSM Advanced-Level Education, Training or Certification qualifications. (CISSP, CISM, etc.)
• Reports to designated work location in Colorado Springs up to full time, based on the needs of the customer

Preferred Qualifications

• Experience with ITIPS 
• Experience with eMASS
• Experience with FISMA
• Experience with IASE
• Experience with Xacta

At SPA, we strive to deliver a robust total compensation package that will attract and retain top talent.  Elements of the compensation package include competitive base pay and variable compensation opportunities.  

SPA provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.  The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, etc.

Please note that the salary information shown below is a general guideline only.  Salaries are commensurate with experience and qualifications, as well as market and business considerations.  Pay Transparency Range:  160k - 180k. 

Required Qualifications

• Active DoD TOP SECRET clearance with SCI eligibility 
• Bachelor's Degree with 10+ years of experience in IT/RMF/GRC and leadership; Master's degree equivalent to 4 years experience 
• Meets DoD 8140 ISSM Advanced-Level Education, Training or Certification qualifications. (CISSP, CISM, etc.)
• Reports to designated work location in Colorado Springs up to full time, based on the needs of the customer

Preferred Qualifications

• Experience with ITIPS 
• Experience with eMASS
• Experience with FISMA
• Experience with IASE
• Experience with Xacta

At SPA, we strive to deliver a robust total compensation package that will attract and retain top talent.  Elements of the compensation package include competitive base pay and variable compensation opportunities.  

SPA provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.  The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, etc.

Please note that the salary information shown below is a general guideline only.  Salaries are commensurate with experience and qualifications, as well as market and business considerations.  Pay Transparency Range:  160k - 180k. 

This is an exciting opportunity to support the United States Space Force (USSF). The Space Systems Command has the collective USSF mission responsibility for the development, deployment, maintenance and sustainment of space systems providing early missile warning capability; environmental sensing; precision navigation, guidance and timing; nuclear event detection; space launch capability; national and military satellite communications capabilities; launch range and network systems; advanced systems; and technology development programs.

The ideal candidate will work in close collaboration with the Program Manager, Information Systems Architect and Information Systems Owner (ISO) to lead the ISSO/ISSE team to ensure security posture is met and maintained, develop security policies, procedures, plans, and all other evidence of compliance with various security controls. Creates and maintains RMF documentation to include Enterprise Mission Assurance Support Service (eMASS) and Information Technology Investment Portfolio Suite (ITIPS) database entries with System Security Plans (SSP), Security Assessment Reports (SAR), Plans of Action & Milestones (POA&M), all other artifacts and documentation tied to the NIST processes. You will provide support to maintain a strong cybersecurity posture for the system until its disposal.

• Develop and maintain an organizational or system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures.
• Ensure that Information Owners (IOs) and stewards associated with DoD information received, processed, stored, displayed, or transmitted on each DoD system are identified in order to establish accountability, access approvals, and special handling requirements.
• Maintain a repository for all organizational or system-level cybersecurity-related documentation.
• Ensure that ISSOs are appointed in writing and provide oversight to ensure that they are following established cybersecurity policies and procedures.
• Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring.
• Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
• Ensure implementation of security measures and procedures, including reporting incidents to the AO and appropriate reporting chains and coordinating system-level responses to unauthorized disclosures for classified information or for CUI, respectively.
• Ensure that the handling of possible or actual data spills of classified information resident in systems, are conducted.
• Act as the primary cybersecurity technical advisor to the AO for DoD systems under their purview.
• Ensure that cybersecurity-related events or configuration changes that may impact DoD systems authorization or security posture are formally reported to the AO and other affected parties, such as IOs and stewards and AOs of interconnected DoD systems.
• Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a DoD system.
• Support implementing the RMF.
• Maintain and report systems assessment and authorization status and issues in accordance with DoD Component guidance.
• Provide direction to the ISSO in accordance with DoDI 8500.01. Address issues affecting the organization's overall security through coordination with the System Owner, Program Manager, ISSO, and UR, as appropriate.