Skip to main content

This job has expired

Information Systems Security Manager

Employer
Northeastern University
Location
Massachusetts, United States
Salary
Salary Not specified
Date posted
Aug 17, 2021


Information Systems Security Manager

About Northeastern:
Founded in 1898, Northeastern is a global research university and the recognized leader in experience-driven lifelong learning. Our world-renowned experiential approach empowers our students, faculty, alumni, and partners to create impact far beyond the confines of discipline, degree, and campus.

Our locations—in Boston; Charlotte, North Carolina; London; Portland, Maine; San Francisco; Seattle; Silicon Valley; Toronto; Vancouver; and the Massachusetts communities of Burlington and Nahant—are nodes in our growing global university system. Through this network, we expand opportunities for flexible, student-centered learning and collaborative, solutions-focused research.

Northeastern's comprehensive array of undergraduate and graduate programs— in a variety of on-campus and online formats—lead to degrees through the doctorate in nine colleges and schools. Among these, we offer more than 195 multi-discipline majors and degrees designed to prepare students for purposeful lives and careers.

About the Opportunity:
The Information Systems Security Manager at KRI, LLC (ISSM) position provides an excellent and unique opportunity for an ISSM Professional to function in an academic and research driven environment. The ISSM provides direct support to classified program requirements and unclassified, controlled unclassified information (CUI) program. This is a very hands-on role which encompasses establishing and administering KRI classified accredited automated information systems and the KRI unclassified facility network. The position requires a logical and structured approach to troubleshooting and decision making with an emphasis on providing superior customer service and security.

The Information Systems Security Manager at KRI, LLC (ISSM) position provides an excellent and unique opportunity for an ISSM Professional to function in an academic and research driven environment. The ISSM provides direct support to classified program requirements and unclassified, controlled unclassified information (CUI) program. This is a very hands-on role which encompasses establishing and administering KRI classified accredited automated information systems and the KRI unclassified facility network. The position requires a logical and structured approach to troubleshooting and decision making with an emphasis on providing superior customer service and security.

The Information Systems Security Manager will serve as the point of contact for all local technical and Information Assurance (IA) matters for assigned systems and areas and will provide subject matter expertise to personnel at the KRI site as well as other Northeastern affiliates on the Burlington Campus, Boston campus, and satellite campuses as they are set up. The successful candidate will ensure KRI adherence to the guidance and requirements of the NISPOM (including Chapter 8), the DAAPM, DCID 6/3, ICD 503 and associated NIST publications, as well as customer/contract imposed specific IA directives.

This position is located on Northeastern University's Innovation Campus at Burlington, MA with travel to the Boston campus, and travel elsewhere as satellite locations are brought onboard. The position is with KRI, LLC, which is a wholly owned subsidiary of Northeastern University, and will report to the KRI LLC FSO. Close partnership with, and support of the KRI Program Management Office for DoD contracts is required. Additionally, the position will work closely with the university Information Technology Systems Office and the university Compliance Office.

Responsibilities:

Systems Management including:
  • Automated Information System (AIS) configuration/hardening
  • Writing System Security Plans for classified AIS with all required supporting documentation
  • self-inspections on IS assets
  • audit trail reviews
  • anti-virus updates
  • system backups
  • operating system and applications programs updates
  • configuration management changes and IS security education and awareness training.
  • Integral member of the team responding to any network incident pursuant to the Incident Response Plan
  • Maintain Hardware and Software baselines for the unclassified network


Network Administration including:
  • Maintain and audit the KRI unclassified facility network in conformance with the published Electronic Communications Plan (ECP)
  • CMMC policy documents
  • Individual accredited classified government computer systems
  • IA program at KRI including Risk Management Framework (RMF) of Information Systems (IS)
  • Document preparation
  • Configuration management
  • Certification testing and submission eMASS


Responsibilities:

Systems Management
  • Self-inspections on IS assets
  • Audit trail reviews
  • Anti-virus updates
  • System backups
  • Offline Vulnerability Scans
  • Operating system and applications programs updates
  • Configuration management changes
  • IS security education and awareness training

Integral member of the team responding to any network incident pursuant to the Incident Response Plan

Network Administration
  • Maintain and audit the KRI unclassified facility network in conformance with the published Electronic Communications Plan (ECP)
  • CMMC policy documents
  • Individual accredited classified government computer systems
  • IA program at KRI including Risk Management Framework (RMF) of Information Systems (IS)
  • Document preparation
  • System configuration/hardening
  • Configuration management
  • Certification testing and submission eMASS

Qualifications:
  • Bachelor's Degree with a concentration in Computer Science or equivalent preferred with a minimum of 4-6 years' experience in a related field
  • Active DoD Secret level security clearance with the ability and qualifications to obtain and maintain a DoD Top Secret clearance and additional security accesses
  • Experience working with and supporting SIPRNet and JWICS
    • Translate operational requirements into technical requirements and architectures needed to meet program objectives
  • DoD 8570.1M certified consistent with IAT Level III requirements. Experience working with network equipment and mixed network environments/configuration.
    • Working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
    • Experience with auditing and certifying compliance of various systems (Windows, Linux, Network Devices and peripherals).
    • Experience with the preparation of Risk Management Framework (RMF) documents and procedures
    • Experience with development and delivery of IA-related briefings and training material.
    • Experience with compliance and vulnerability scanning tools (Nessus, SCAP, ACAS, SCC).
    • Experience with conducting all aspects of a self-inspection
    • Experience with DCSA Risk Management Framework (RMF)
    • Experience writing System Security Plans and supporting documents for submission in eMASS
    • Understanding of NIST 800-171
    • Understanding of CMMC requirements
    • Experience monitoring various SIEMs
  • Requires a logical and structured approach to troubleshooting and decision making with an emphasis on superior customer service and security.
  • Required experience hardening automated information systems to meet DoD requirements for Windows and Linux systems.
  • Must have ability to convey complex technical concepts in understandable business terms and demonstrate the ability to work both independently and as part of a cohesive cross-functional team.
  • Knowledge and experience with various operating systems to include Windows Server, Windows 7 Professional/Enterprise, Linux and Unix.
    • Experience with conducting all aspects of a self-inspection
    • Experience with DCSA Risk Management Framework (RMF)
    • Experience writing System Security Plans and supporting documents for submission in eMASS
    • Understanding of NIST 800-171
    • Understanding of CMMC requirements
    • Experience monitoring various SIEMs
  • Requires a logical and structured approach to troubleshooting and decision making with an emphasis on superior customer service and security.
  • Required experience hardening automated information systems to meet DoD requirements for Windows and Linux systems.
  • Must have ability to convey complex technical concepts in understandable business terms and demonstrate the ability to work both independently and as part of a cohesive cross-functional team.
  • Knowledge and experience with various operating systems to include Windows Server, Windows 7 Professional/Enterprise, Linux and Unix.



Preferred Qualifications:

  • Experience with CCRI preparation
  • Familiarity with service desk applications and/or incident management environments
  • Audio Visual skills
  • Experience with DAAPM and the Risk Management Framework


Salary Grade:
12

Additional Information:
Northeastern University is an equal opportunity employer, seeking to recruit and support a broadly diverse community of faculty and staff. Northeastern values and celebrates diversity in all its forms and strives to foster an inclusive culture built on respect that affirms inter-group relations and builds cohesion.

All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion, color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law.

To learn more about Northeastern University's commitment and support of diversity and inclusion, please see www.northeastern.edu/diversity.



To apply, visit https://careers.pageuppeople.com/879/cw/en-us/job/505532

jeid-6fe083cc15424a4baebc74bef7b25e1a

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert