Job Description
A global electronic and semi-conductor manufacturing company is seeking a highly skilled Information Security Manager (ISSM) that will be responsible for all cybersecurity efforts at the Carlsbad, CA facility supporting development, maintenance, and oversight of the assigned classified and/or unclassified systems. This is an immediate, 6 month contract to hire opportunity and requires 5 days a week onsite and the individual must have a secret clearance.
Typical responsibilities of the ISSM may include but are not limited to:
• Developing and maintaining the site’s cybersecurity program for assigned systems.
• Ensuring all applicable cybersecurity policy, plans and procedures are followed.
• Ensuring required cybersecurity controls are implemented and validated, to include continuous monitoring actions for assigned systems.
• Developing and maintaining cybersecurity related plans, procedures and guidance.
• Maintaining DOD Emass account as the Responsible Officer; to include performing custodian duties.
• Monitoring and recognizing non-compliance, suspicious and anomalous activity (i.e., threats), and effectively reporting such activity and associated risks to the appropriate parties.
• Ensuring plans of actions and milestones or remediation plans are in place for vulnerabilities identified during monitoring activity, audits, inspections, etc. and implementing, or overseeing, required corrective actions.
• Conducting role-based cybersecurity training for assigned users.
• Creating, collecting and retaining data to meet reporting requirements.
• Monitoring and correlating data (e.g., logs, events, activity, etc.) from a variety of sources (e.g. Nessus Pro, Windows Event logs.) to identify and mitigate threats, vulnerabilities and non-compliance.
• Investigating, analyzing and responding to cyber events, incidents and non-compliance, to include trend analysis, assembling detailed written reports and briefing the appropriate parties.
• Identifying, implementing, and enforcing overall security requirements for the proper handling and storage of Government data and electronic media.
• Conducting self-inspections and preparing for customer inspections.
• Communicating and interacting professionally during the enforcement of security policy and procedures.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Final Transferable Secret security clearance; last Periodic Reinvestigation must be within the last five (5) years or enrollment in Continuous Vetting program
• Experience executing Security Hardening on based on approved DISA STIGs and SRGs
• Experience with standard cyber security tools and applications (e.g., Nessus Pro)
• Proven expertise
• Ability to build effective customer and partner relationships
• Prior experience as an ISSO, ISSM or related DoD Cyber Workforce Role
Nice to Have Skills & Experience
Possess a valid certification that meets or exceeds DoD 8570.01-M IAM II requirements. (e.g., CASP+ CE, CISM, CISSP (or Assc), GSLC, CCISO, HCISPP
• Prior RMF (Risk Management Framework) experience.
• Proven knowledge of DCSA Assessment and Authorization Process Manual (DAAPM), Joint Special Access Program Implementation Guide (JSIG), or Risk Management Framework (RMF) as a Subject Matter Expert (SME)
• Excellent written and verbal communication skills and ability to effectively interface with numerous cognizant security agencies, customers and senior leadership
• Knowledge of other security disciplines and how they impact and interact with information system security
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.