Information Systems Security Manager

4 weeks ago


WPAFB, United States | Credence Management Solutions | Full time

Responsibilities include, but are not limited to, the duties listed below:

* Responsible for performing RMF activities leading to system RMF acceptance IAW DoDI 8510.01, NIST 800-series special publications, USAF policy and instructions, and guidance as applicable on RSO IT systems in networked, stand-alone, and cloud configurations.
* Accomplish system categorization, security control selection, security control implementation, security control assessment, and security control monitoring, including, but not limited to, accomplishing the RMF steps as outlined in DoDI 8510.01 on a system-by-system basis.
* Develop, review, and update the necessary documentation associated with achieving RMF accreditation of each system as required.
* Apply the currently accepted methods for documenting the RMF status of each system within the DoD environment.
* Coordinate RMF tasks associated with the effort with the RSO cybersecurity lead.
* Comply with DoD and AF RMF policies including, but not limited to, the following:
  * DoDI 8500.01 - Cybersecurity
  * DoDI 8510.01 - Risk Management Framework for DoD Information Technology
  * DoD 8570.01M - Information Assurance Training, Certification, and Workforce Management
  * CNSSI 1253 - Security Categorization and Control Selection for National Security Systems
  * NIST 800-series Special Publications (SP), Computer Security, including SP 800-53 - Security Controls and Assessment Procedures for Federal Information Systems and Organizations
  * Air Force Instruction Series 17 Cyberspace
Education, Requirements and Qualifications

* Clearance: Must have or be able to obtain and maintain a Secret security clearance
* Master's or Doctorate Degree in a related field and ten (10) years of experience in the respective technical/professional discipline being performed, five (5) of which must be in the DoD OR,
* Bachelor's Degree in a related field and twelve (12) years of experience in the respective technical/professional discipline being performed, five (5) of which must be in the DoD OR,
* Fifteen (15) years of directly related experience with proper certifications as described in the PWS labor category performance requirements, eight (8) of which must be in the DoD
* Previous C&A experience, including RMF, of Air Force and DoD information systems
* Experience in implementing and enforcing IT security policies and procedures, and reviewing IT security requirements to determine impact to existing procedures
* Fully competent in the execution of RMF system requirements, capable of identifying vulnerabilities and risks of IT systems, and able to write necessary get-well plans for any deficiencies that cannot be immediately corrected, recommending solutions with little or no supervision