Oasis Systems, LLC has an exciting opportunity for an Information Security Manager focusing on corporate level Information and Cyber Security for all locations. The Information Security Manager will be responsible for assisting with the establishment of security strategy, managing cybersecurity operations and implementing and monitoring information security standards and policies. In addition, this individual will maintain IT security Appliances, Software, and Hardware to support the onsite and remote staff as needed. This position reports to the IT Director, and will be tasked with performing the following IT and information security related tasks.
REQUIRED QUALIFICATIONS: (Education, Certifications, Experience, Skills)
- EXPERIENCE LEVEL: 5-10 years experience in IT with at least five years specialized information or cyber security related work
- EDUCATION: Bachelor’s degree in Information Security or Cybersecurity
- JOB STATUS: Full-Time and on call 24/7 as necessary
- Extensive knowledge and understanding of Federally mandated cybersecurity requirements and guidance:
- NIST Special Publications (800-37, 800-53, 800-18, 800-171, etc.)
- Federal Information Security Modernization Act (FISMA)
- Federal Information Processing Standards (FIPS)
- Strong IT skills including administrative knowledge of hardware, software, networks, and data centers
- Ability to identify vulnerabilities and potential cybersecurity issues
- Critical thinking skills, problem solving aptitude, and attention to detail
- Desire to self-educate on the ever-changing landscape of cyber hacking tactics
- Excellent customer service skills
- Excellent judgement and decision-making skills
- Be highly proactive and self-motivated
- Strong analytical and problem-solving skills.
- Strong interpersonal skills to interact with customers, senior and executive level personnel, and team members
- Strong organization skills to prioritize work and balance complex projects.
- Strong verbal and written communication skills
- The ability to accept constructive feedback and implement changes immediately.
- The ability to prioritize and perform multiple tasks in a timely manner
- The ability to work well under pressure
- Ability to obtain a DOD TS Clearance.
Additional Preferred Technical Skills/Industry Knowledge:
- Forensic experience
- Ethical hacking experience
- Certifications such as CEH, CISSP, or CISM
RESPONSIBILITIES: Functionally, the candidate will be responsible for:
- Responsible and accountable for establishing and maintaining a strategically sound company-wide information and cyber security program to ensure that IT assets and information are adequately protected, including the oversight and coordination of all cybersecurity efforts, ensuring consistency with regulatory and compliance requirements that govern cybersecurity. This includes, but is not limited to DFARS requirements, FISMA, and NIST
- Responsible for developing and managing Information Systems cyber security, including disaster recovery, database protection and software implementation/development.
- Ensures that all applications are functional and secure
- Lead for developing and delivering Information Security standards, best practices, architecture and systems to ensure information system security across the enterprise including but not limited to: Servers, Storage, Networking, endpoints, email, SAS systems, cloud hosting, etc.
- Lead for implementing procedures and methods for auditing and addressing non-compliance to information security standards
- Assists with the migration of non-compliant environments to compliant environments
- Evaluates and audits the organization to ensure compliance with standards and relevance with industry security norms and regulations applicable to Government Contractors as defined by the DFARS 252.204-7012 clause including NIST special publication 800-171
- Implement, design, support, and monitor network security devices to protect against internal and external intrusions, attacks, and hacks
- Identify attempted and/or successful cyber attacks, report them to upper management, and cooperate with appropriate local and federal agencies during and after any investigation.Assess software and hardware for security vulnerabilities and risks.
- Perform vulnerability scanning and penetration testing on internal systems (Firewalls, servers, Endpoints etc.)
- Mitigate vulnerabilities and harden the Enterprise as required. This includes, but is not limited to the mitigation of viruses, Trojans, malware and other security vulnerabilities.
- Train end-users related to cybersecurity issues such as avoiding phishing attacks, social engineering, and malware.
- Work as part of the IT Team to develop plans, strategies, policies and procedures.
- Work as part of the IT Help Desk Team for cybersecurity issues and resolutions.
- Functions as the primary point of contact for information security and Cybersecurity issues.
- Assists with building and maintaining a heightened awareness of IT and cybersecurity within the organization
- Assisting with other duties & projects as assigned.
Oasis Systems is a premier provider of customer-driven, cost-effective and quality Engineering Services; Enterprise Systems and Applications; Human Factors Engineering; Information Technology and Cyber Security; Professional Services; and Specialized Engineering Solutions to the Department of Defense, FAA, NRC and other federal agencies.
We strive to be an exciting and welcoming company that attracts, develops, motivates and retains the most talented, skilled and dedicated people in the industry; where they are encouraged to achieve personal excellence, purpose, and their full potential and career aspirations; while supporting mission-critical national security technologies and programs.
Oasis Systems is an equal opportunity employer and does not discriminate in hiring or employment on the basis of any legally protected characteristic including, but not limited to, race, color, religion, national origin, marital status, gender, sexual orientation, ancestry, age, medical condition, military veteran status or on the basis of physical handicap which, with reasonable accommodation, render the application to satisfactorily perform the job available.