Information Systems Security Manager

Job Description:Senior Information Systems Security Manager (ISSM), Fairfax, VA.Summary:Provide senior-level security certification and accreditation consulting related to the maintenance, upgrade, and technology insertion for a DoD-approved classified network with multiple sites. Specifically, maintain, update, and create new policies/procedures/SOPs and ensure the Assessment and Authorization (A&A) process utilizing the Risk Management Framework (RMF) within XACTA, eMASS, RSA Archer, and/or MCCAST.  Develop new accreditation approaches to support the rapid deployment of unaccredited applications by supervising the development process (inside development enclaves), the risk assessment process, and the deployment process of these custom-developed applications.Assessment and Authorization Consultant Activities:Learn and understand the infrastructure to include security device configurations and Zone guidelines as outlined in DISA’s Enclave Test and Development STIG.Develop new documents and processes to support the development and deployment of new architectures on the enterprise platform, ensuring the deployed architecture complies with DoD directives.Prepare accreditation documents for the Authorizing Official’s review.Prepare Memorandums of Understanding (MOU) documents with agency partners.Coordinate with vendors who provide custom-developed applications to ensure the applications are developed and maintained in accordance with DoD policies and procedures.Update Risk Management Framework accreditation documents as appropriate and ensure the Continuous Monitoring Process is implemented and maintained.Assist in the following activities to introduce new systems or applications into the infrastructure:Coordinate engineering discussions with application developers to determine the best architecture to support the deployment of the new application on the infrastructure which complies with DoD guidelines related to production and Zone DoD guidelines.Assist in developing CONOPs for the operation of the new system on the network.Approve change requests as required to deploy the new system components on the network.Coordinate with the appropriate team members to determine the applicable STIGs for the new system - and deliver the STIG lists to the system developers.Assist with documenting the Risk Assessment Report for new applications based on scan results from the IA team.Discuss system details with the Authorizing Official’s (AO’s) representatives, specifically detailing potential risks introduced by any new applications along with associated mitigations.Communication and Initiative:Attend weekly ops meetings and discuss your area of responsibility (Assessment and Authorization).Take the initiative to talk to team members daily to coordinate team efforts to ensure high-priority tasks are accomplished.Take the initiative to observe IA processes and procedures and make recommended improvements.Take the initiative to recommend technology improvements to the overall architecture.Requirements:Active Top-Secret Clearance.Bachelor’s Degree or higher in an Information Technology Field.10+ years of experience.IAM-II Level Certification (e.g. CAP, GSLC, CISM, CISSP, CASP).Benefits:4  Weeks Paid Time Off.All Federal Holiday’s Paid Vacation.Four Percent Matching 401K.Full health/vision/dental benefits for the employee and family are paid 100% by ZTI Solutions, LLC. About ZTI Solutions, LLC: ZTI Solutions, LLC was founded in 1997 in Virginia and is classified as a small business. The company is owned and operated by its founder, Rudy Zadnik, who emphasizes moral and business excellence over increasing company profits. This results in a more customer-oriented attitude towards mission accomplishment, as opposed to growing profits or sales.Our approach to consulting and engineering centers around using only highly skilled personnel who are seasoned industry veterans. All employees hold high-level industry and vendor certifications. We offer a comprehensive set of consulting and staff augmentation services, primarily focused on networking and security consulting in the classified space.