AECOM Information Sys Security Mgr in Virginia
United States of America - Maryland, Germantown
Alternate Locations US - Virginia - Telecommute
Management Services seeking an Information System Security Manager (ISSM) to work closely with Government Security and act as liaisons to the business line to represent security service to implement, requested information systems processing capabilities within secured work areas. Simplified, the ISSM is responsible for all aspects of the systems themselves, including their operating policies, system security, user management, and lifecycle management. Security, therefore, has purview over all other aspects of the process, including facility security, managing clearances and need-to-know, and customer incident reporting
Ensures the development of IS security education, awareness, and training activities for facility management, IS personnel, users, and others, as appropriate.
Establishes, documents, and monitors the IS Security Program and related procedures for all facilities and ensures facility compliance with requirements for IS.
Collects and reports unique local threats/vulnerabilities to IS.
Ensures that periodic self-inspections of all facility's IS Programs are conducted as part of the overall facility self-inspection program and that corrective action is taken for all identified findings and vulnerabilities. Self-inspections are to ensure that the information system is operating as accredited and that accreditation conditions have not changed.
Possess or be able to acquire TS/SCI and ISA/TS clearances to meet the highest security requirements of all programs within Management Services. Note that a polygraph may also be required in the future to be read onto specific programs, but is not at this time.Must be able to respond on-site for all systems for which they are responsible within a reasonable amount of time, here defined as 90 minutes.
Minimum of five years operational excellence in a field directly related to Information Systems Security.
Have working knowledge of Enterprise Mission Assurance Support Service (eMASS) application that supports Information Assurance (IA) program management for the Risk Management Framework (RMF)
At least two Systems or Information Security certifications, one of which fulfills DoDD 8570. The other certification should be CISSP or an equivalent. Create Standards for Compliance, Ensure Reporting Compliance with Reporting Requirements.
Preferred experience managing budget for all activities, understanding Homogenize System Security Plan (SSP) Certification and Accreditation Efforts. Preferred experience with creating Standards for Compliance and Ensure Reporting Compliance with Reporting Requirements.
What We Offer
When you join AECOM, you become part of a company that is
pioneering the future . Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions
inclusion, diversity and overall
employee well-being through programs supported by company leadership. Our
core values define who we are, how we act and what we aspire to, which comes down to not only
delivering a better world , but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.
Job Category Engineering - Project / Program / Management
Business Line Management Services
Business Group Management Services Group (MS)
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 227687BR
Clearance Required No
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.