Information System Security Manager (ISSM)
Fully Remote
Job Type
Full-time
Description

GoldenWolf, LLC is a trusted advisor and facilities management support and construction management services provider for military facilities professionals. Our team members are highly skilled and experienced in facilities and construction management and bring deep expertise and cultural understanding to our clients’ unique challenges working not only in military facilities but also within the Department of Defense political and fiscal environment.

 
As a Woman-Owned, Service-Disabled Veteran Owned Small Business with 8(A) certification, GoldenWolf is uniquely positioned to serve our military clients. Our history demonstrates a broad and deep range of engineering, technical, and strategic services. GoldenWolf’s goal is to develop innovative and executable solutions in all facets of facilities management.


The Information System Security Manager serves as part of a program management team providing consultation and advice to Government and contractor personnel tasked to support DHA facilities life cycle management. Provide worldwide support for Capital Strategy Management (CSM) within the DHA Facilities Enterprise (FE) Medical Military Construction (MILCON), Major Repair, and other programs. The Technical Support Services will provide capabilities, support services and expertise in health facility planning, project management, requirements identification, design development, construction management, initial outfitting and transition (IO&T) management, total building commissioning (TBCx), operations and maintenance, post-occupancy evaluations, and the application of U.S. building codes and standards, DoD and DHA Criteria and other regulatory requirements and standards as they relate to the cybersecurity of Low Voltage Systems (LVS), Facility Related Control Systems (FRCS) and Information Management/Information Technology (IM/IT).


The ISSM is responsible for providing technical support of the FRCS Cybersecurity Project Management Office (PMO) during the Planning, Design, Construction, Initial Outfitting & Transition (IO&T) and Commissioning phases of DHA FE Military Construction (MILCON) and Operations and Maintenance (O&M) repair projects. Provide design submittal technical reviews and comments; represent DHA FE during all project phases with the Agent to enforce DHA Criteria and Standards; assist in the planning of RPIE FRCS for DHA FE projects. Verify completeness and accuracy of design submittals; contribute to technical documents to enhance accuracy of project criteria and standards; participate in Post Occupancy Evaluations (POE) to provide and recommend updates to RPIE FRCS Cybersecurity criteria and planning standards. Provide increased capacity to coordinate with internal and external stakeholders to ensure RPIE FRCS Cybersecurity Standards and Criteria remain relevant. Support cybersecurity planning for military facilities and provide training and development to new IOT IT Planners in support of the portfolio of projects supported by DHA FE.


Responsibilities


Technical Support Services and capabilities to support Real Property Installed Equipment (RPIE) LVS, FRCS, and IM/IT Planning and Program Management worldwide in support of DHA FE Projects include but are not limited to: 


Provide cybersecurity/ISSE services and Technical Support, in the role of Information System Security Manager (ISSM). Tasks related to ISSM support include, but are not limited to: 

  • Maintain communication with the Government lead in order to ensure the needs of the mission are being met. Receive guidance or direction from the Government lead when questions/issues arise.
  • Develop and maintain an organizational or system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures.
  • Support the program in establishing FRCS vendor interoperability testing with the Medical Community of Interest (Med COI) Enclave, to Type Authorize DHA FRCS, and develop a DHA FRCS Approved Products List (APL).
  • Ensure that IOs and stewards associated with DoD information received, processed, stored, displayed, or transmitted on each DoD IS and PIT system are identified in order to establish accountability, access approvals, and special handling requirements.
  • Support the effort to update and complete an inventory and risk assessment of all FRCS across the DHA Medical Treatment Facilities (MTFs).
  • Maintain a repository for all organizational or system-level cybersecurity-related documentation.
  • Develop FRCS RMF Templates for use by DHA Facilities Enterprise project teams to support risk mitigation, assessment compliance, and RMF authorization.
  • Establish policy for FRCS within DHA FE MILCON projects to advance the cybersecurity requirements within DHA MILCON projects.
  • Collaborate with the FRCS designated SCA/SCAR to ensure FRCS compliance with DHA RMF requirements and to socialize FRCS PMO policy.
  • Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring. 
  • Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
  • Ensure implementation of IS security measures and procedures, including reporting incidents to the appropriate reporting chains and coordinating system-level responses to unauthorized disclosures in accordance with References for classified information or References for CUI, respectively.
  • Act as the primary cybersecurity technical advisor to the Security Control Assessor (SCA) or his representative (SCAR) for DoD FRCS systems under their purview. 
  • Ensure that cybersecurity-related events or configuration changes that may impact DoD FRCS systems authorization or security posture are formally reported to the SCA/SCAR and other affected parties, such as IOs and stewards and AOs of interconnected DoD ISs.
  • Ensure the secure configuration and approval of FRCS below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a DoD FRCS system.
  • Participate in project/site coordination meetings as requested by the Program Manager (PM) to address technical questions and to develop points of contact. This includes, as directed, coordinating with Huntsville Center Project Management, Engineering and Change Management personnel, other Huntsville Center Contractors supporting DHA, and Installation points of contact (POC), collecting data and distributing RMF artifacts to support successful completion of DHA projects.
  • Review documentation, submittals, and status reports received from the Project teams.

Technical Quality Assurance:

  • Review RPIE LVS, FRCS and IM/IT technical documents for accuracy, completeness, and consistency. Types of technical documents include, but are not limited to, performance work statements, design documents, requests for proposal, design and construction submittals, policy, standard operating procedures, criteria, and regulations.
  • Coordinate reviews and comments with DHA Facilities Enterprise Project Managers, DHA CSM planners and SMEs, USACE employees, Service Component staff, designers, constructors, IO&T contractors, and other stakeholders.
  • Review and provide recommendations for improvement to all project phases. Examples include, but are not limited to, DHA RPIE LVS, FRCS, and IM/IT recommended contract language and specification updates.

Technical Writing:

  • Contribute to technical documents that support the implementation of standardization across DHA FE. Such documents include, but are not limited to, performance work statements, requests for proposal, lessons learned documents, IM/IT/LVS functional processes, and the DHA FE FRCS Cybersecurity Procedures.

Training:

  • Support the capability to prepare and conduct training for all Planners, Project Managers, IO&T managers, and Facility Operations (FO) on their roles and responsibilities associated with the cybersecurity of RPIE LVS, FRCS and IM/IT. 
  • Support the capability to conduct training for DHA Facilities Enterprise staff as required by the CSM Chief.

    


 

Requirements

Qualifications

  • Minimum of 5 years working on DHA Military Construction (MILCON) Projects, reviewing designs, providing technical expertise and solution development, and supporting RMF Efforts associated with the project. 
  • Minimum 5 years supporting Military Hospitals at various levels.
  • Expertise working with Engineering & Design teams to develop enterprise technical solutions in accordance with DoD Instructions and cybersecurity policy and guidance
  • Working understanding of Routers, Switches, Firewalls, Proxy Servers, Various Operating Systems, VPN and Palo Alto Networks
  • Current DoD IAM Level II (or higher) certification.
  • Preferred to currently have two or more of the following certifications: Cisco Certified Network Associate (CCNA), Project Management Professional (PMP), Certified Information System Security Professional (CISSP), and SANS GIAC Global Industrial Cyber Security Professional (GICSP)
  • Bachelor’s Degree Preferred
COVID-19 Vaccination Requirement:


As Federal Contractors, GoldenWolf is committed to complying with all COVID-19 safety protocols detailed in President Biden’s Executive Order 14042, Ensuring Adequate COVID Safety Protocols for Federal Contractors and the related requirements issued by the Safer Federal Workforce Task Force. All GoldenWolf employees are required to be fully vaccinated by January 18, 2022 unless a medical or religious exemption has been granted. New employees are required to be fully vaccinated or seek and receive an approved exemption to the vaccination requirement by January 18, 2022. All exemption requests are subject to a review board. In the event an exemption has been granted, the employee must comply with all COVID-19 safety protocols mandated by our customers and the Safer Federal Workforce Task Force, including but not limited to frequent testing and attestation in compliance with the EO. Contract and site-specific vaccination requirements, if more strict, will take precedence over GoldenWolf's vaccination policy.


Salary Range:  $110,000.00 - $140,000.00 annually.  Compensation based upon experience and skill level.


Job Type: Full-Time (40 plus hours a week).


Benefits Offered: 

  • 10 Federal Observed Holidays
  • Medical, Dental, Vision, and Employee Paid Supplemental Benefits
  • 401K Retirement Savings With Employer Matching Up to 5%
  • Paid Time Off


All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual preference, gender identity or national origin. 