Information Security Manager - ClearanceJobs : Job Details

Saab is seeking a Manager, Information Security to join our team in East Syracuse, NY. This individual will oversee information assurance activities for Saab's classified and corporate environments ensuring compliance with the National Industrial Security Program, Cyber Security Maturity Model Certification (CMMC), and International Standards Organization (ISO) standards. The Information Security Manager will provide expert advice in evaluating and designing security solutions and working with technicians throughout the company in implementing, maintaining, and constantly improving the information security practice. The right individual should be well organized with the ability to work cross functionally in a fast-paced environment.

• Development and maintenance of internal policies and procedures and incorporate industry best practices.
• Develop and maintain system security plans, risk assessments, and other Risk Management Framework related artifacts.
• Resolving vulnerabilities identified during security scans, apply required patches and Security Technical Implementation Guides (STIGs), performing self-assessments, and support third-party SCA assessments.
• Preparation of documentation to include Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)
• Planning, designing, and building security architectures that meet DoD/ISO/NIST/CMMC requirements in coordination with IT.
• Managing requirements for network and computer security and ensures compliance with corporate cybersecurity policies and procedures.
• Defining cybersecurity requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices.
• Conducting risk assessments.
• Responding immediately to cybersecurity-related incidents across multiple teams and providing a thorough post-event analysis.
• Investigate intrusion incidents and conduct forensic investigations.
• Investigating security alerts to determine applicability to the environments.
• Interfacing with various government/customer representatives.
• Participation in internal proposal efforts related to cybersecurity/IA requirements.
• Manage and update the Information Security Awareness program.
• Performing security assessments based on NIST and contractual requirements.
• Participating in selection and operation of security infrastructure including vulnerability management, SEIM solution, incident response tools, etc.
• Manage team of information/cyber security professionals.

Compensation Range: $146,800-$190,800 The compensation range provided is a general guideline. When extending an offer, Saab, Inc. considers factors including (but not limited to) the role and associated responsibilities, location, and market and business considerations, as well as the candidate's work experience, key skills, and education/training.

Proven ability to network with key stakeholders outside of the security team and adapt communication style to persuade and advise others on security matters. Can lead cross-functional teams and interact effectively with various departments to achieve security objectives. Ability to present results/content to customers (internal or external) or other stakeholders. Ability to apply broad and in-depth professional knowledge to resolve complex security issues and develop new policies and procedures. Proficient in creative problem-solving and offering solutions that align with organizational objectives. Ability to analyze complex security situations and make strategic decisions based on detailed evaluations of data and risk factors. Capable of exercising independent judgment in selecting the appropriate methods and techniques for addressing multifaceted security issues. Experience performing DoD ACAS scans. Experience developing, applying, and assessing secure technical baselines for various applications and products (i.e., Windows OS, Linux OS, firewalls, switches, etc.) Strong knowledge of NIST Standards relating to information technology, cybersecurity and risk management Strong knowledge of RMF and its implementation as related to the Department of Defense (i.e. STIGs, ACAS, etc.) Ability to work under pressure and meet deadlines while managing complex security challenges is essential. Ability to plan/coordinate security and/or cybersecurity activities across multiple programs within the business Knowledge of handling required for information security violations and incidents Ability to manage internal and external customer expectations; and provide presentations to executive leadership, government members, and external customers Excellent interpersonal and analytical skills Must hold a current SECRET clearance. Education/Certifications: BA/BS degree in information assurance or related discipline 15+ years of experience Or MA/MS degree in information assurance or related discipline 13+ years of experience And DoD 8570.01 IAM Level III Certification (e.g., CISSP) This position requires a highly skilled professional with a passion for security and risk management.

Must be a U.S. citizen. Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information.