Information Systems Security Manager

  • Location:
    RTP, North Carolina, US
  • Area of Interest
    Security
  • Job Type
    Professional
  • Technology Interest
    Security, Software Development, Testing
  • Job Id
    1374395

WHAT YOU'LL DO

Cisco Systems is seeking a well-qualified candidate to perform as the Information Systems Security Manager (ISSM) at its Research Triangle Park, NC campus. As the ISSM, you’ll oversee the ISSO team and collaborate with Senior Leadership, Program Managers, System Administration team, and various other collaborators to enable the customer’s mission while navigating Government requirements. The position will provide “day-to-day” support for Department of Defense (DoD) Collateral and Sensitive Compartmented Information (SCI) activities. The candidate must have an in-depth knowledge of the Intelligence Community Directive (ICD) 503, the DCSA Assessment and Authorization Process Manual (DAAPM), and the Risk Management Framework process.

The ISSM will plan, lead, coordinate and provide support to various programs to ensure the completion of all Assessment and Authorization (A&A) activities per ICD 503, NISTs, CNSSI and other DoD and/or Intelligence Community policies. The candidate will be responsible for the life cycle of Information Systems, to include: meeting with Program Management to assist in developing requirements for Information Systems, creating the System Security Plans (SSP), reviewing/monitoring the technical security features to ensure compliance with regulations, submitting for Authorization, and meeting with Government security representatives. Once Authorized, the ISSM will ensure Information Systems maintain compliance with all applicable CONMON requirements, conducting weekly audits, vulnerability scanning, briefings, and reviews of the System Security Plan as required. The ISSM will also be responsible for all Authorized Information Systems during annual audits/reviews/inspections.


WHO YOU'LL WORK WITH

It is an exciting time in Cisco's Security & Trust Organization, as the organization evolves its mission ‘to enable a Cisco that secures itself, its ecosystem and the industry, using Cisco on Cisco and industry leading practices.’


WHO YOU ARE

The Information Systems Security Manager (ISSM) will have responsibility for implementing Information Systems security tasks, as required for the safeguarding, handling, and controlling of classified information of a USG program. The ISSM will also:

  • Be a US citizen with a TS/SCI Clearance and full-scope Polygraph. 
  • Have a minimum of 5 years experience as an ISSM
  • Demonstrate Information Security expertise and experience
  • Be knowledgeable in Information Systems security in order to assure enforcement of Government regulations
  • Possess prior working knowledge of NIST 800-53 and Intelligence Community & DOD RMF practices
  • Be able to work independently without supervision
  • Provide daily support of the ISSO team, system users, interaction with Program Management, and occasional interaction with Government personnel
  • Responsible for system security, testing, and system authorization activities including:
  • Designing and maintaining cybersecurity RMF and ATO related documentation
  • Developing corrective action plans, receive approval, and supervise implementation of corrective actions in customer designated tools
  • Developing new documents and processes to support the development and deployment of new architectures on the enterprise platform, ensuring the deployed architecture complies with Government directives
  • Preparing Authorization documents for the Authorizing Official’s review
  • Working with the ISSOs & Systems Administrators to ensure that all Information Systems are operated, maintained, and disposed of in accordance with established Government security policies and practices
  • Leading system Assessment & Authorization activities
  • Ensure accurate protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system
  • Ensure that data ownership and responsibilities are established for each authorization boundary, to include accountability, access rights, and special handling requirements
  • Evaluate threats and vulnerabilities to determine whether additional safeguards are needed
  • Assess changes in the system, its environment, and operational needs that could affect the authorization
  • Ensure that Authorization is accomplished and a valid Authorization determination has been given for all authorization boundaries under your purview
  • Solid experience validating DISA STIGs
  • In-depth knowledge of various WINDOWS, UNIX, LINUX, AWS
  • In-depth knowledge of various compliance tools; e.g., NESSUS, HBSS, Splunk, eMass, Xacta, etc.
  • Supervisory and leadership experience
  • Experience developing and communicating briefings
  • Strong communications skills, both oral and written
  • Dedication to excellence, crafting and delivering the highest value to customers
  • Develop and submit Plan of Action & Milestones (POA&M), as required
  • Ability to enable highly effective teams, demonstrating differences in skills, knowledge, and experience to improve results
  • Able to travel periodically to other Cisco locations for 1-3 days at a time
  • DoD 8570 Industry Certification in one or more of the following: CISSP, CAP, CISM, CCISO


QUALIFICATIONS:
  • Required: BS / MS in Computer Science, Computer Engineering or similar technical degree
  • Preferred: MBA or other advanced degree, Project Management Professional (PMP) certification or other project / process certification
  • 5+ years work experience in the technology industry


WHY CISCO
#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference powering an inclusive future for all. 

We embrace digital, and help our customers implement change in their digital businesses. Some may think we’re “old” (36 years strong) and only about hardware, but we’re also a software company. And a security company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do – you can’t put us in a box!

But “Digital Transformation” is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)

Day to day, we focus on the give and take. We give our best, give our egos a break, and give of ourselves (because giving back is built into our DNA.) We take accountability, bold steps, and take difference to heart. Because without diversity of thought and a dedication to equality for all, there is no moving forward.

So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us!

Cisco COVID-19 Vaccination Requirements
The health and safety of Cisco's employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.
