Information Security Systems Manager

Description

At Weston Solutions, Inc. you will do meaningful work and make valuable contributions. Employee-ownership at Weston is a path to professional growth and access to diverse opportunities in a highly connected community that works together across key service areas to make a difference in the environment.

Weston has continued to evolve and adapt to our changing world as a premier provider of environmental and infrastructure services for over sixty years.

In both the public and private sectors our teams help identify, solve, mitigate, and manage critical environmental issues to help clients achieve a more sustainable future.

Weston Solutions, Inc. is a dynamic and growing organization committed to maintaining the highest information security standards.

As we expand our team, we are seeking a skilled professional to take on the role of Information System Security Manager .

The ISSM is responsible for ensuring all Information System Security policies and procedures are enforced to support assessment, authorization and continued operation of information systems processing classified will collaborate with cross-functional teams, assess security controls, and maintain compliance with relevant policies and regulations.

If you are passionate about cybersecurity, compliance, and risk management, this position offers an exciting opportunity to contribute to our mission.

Location : West Chester, PA Expected Outcomes

• Manages Risk Management Framework (RMF) processes and product maintenance for assigned systems.
• Security Controls Implementation : Oversee the implementation and maintenance of security controls in accordance with the System Security Plan (SSP) and company policies.
• ATO Maintenance : Ensure assigned systems maintain their Authority to Operate (ATO) through independent security assessment and authorization.
• Access Controls Oversight : Manage access controls, ensuring proper implementation and management.
• Audit Log Review : Regularly review audit logs to identify security incidents or anomalies.
• Risk Assessment : Conduct assessments of controls to ensure proper implementation and effectiveness. Must have a strong working knowledge of the RMF process.
• Document Management : Provide requested documents to auditors, ensuring accuracy and sensitivity labeling.
• Vulnerability Management : Evaluate new vulnerabilities and coordinate corrective actions.
• Collaboration : Work closely with Security Engineers, Operations Center, and subject matter experts.
• Compliance Tracking : Track findings from vulnerability and compliance scans in the Corrective Action Plan (CAP) and manage them in the Cyber Security Assessment and Management (CSAM) system.
• Manages and performs security compliance continuous monitoring.
• CMMC / CUI Support Help with procedures, evidence and testing compliance for the Cybersecurity Maturity Model Certification requirements for Controlled Unclassified Information (CUI).
• Capable of researching regulations and making applicability determinations.

Knowledge, Skills & Abilities

• Minimum of 5 years in information security roles, including ISSM or ISSO responsibilities.
• Candidate must be a U.S. citizen and possess an active DoD Secret Clearance at the minimum.
• Bachelor’s degree in a related field (preferred).
• CISSP, CISM, or other relevant certifications (preferred).

Technical Skills :

• Familiarity with basic PC troubleshooting, configuration, and system maintenance.
• Ensure compliance with NISPOM, DAAPM, and other applicable regulations.
• Familiarity with routing protocols.
• Knowledge of security impact assessments.
• eMASS experience.
• ATO package development, including generating security documentation for requirements, security control assessment, STIG and SCAP tools Standard Operating Procedures, test results, etc.

Soft Skills :

• Strong communication and collaboration abilities.
• Attention to detail and analytical thinking.
• Ability to work independently and as part of a team.

We fully invest in our people : Weston provides a generous , comprehensive benefits package program that offers employees high value options with solid financial protection, meeting the personal needs of its people and their families.

• Medical, Dental, Vision, 401K with base and matching employer stock contributions.
• Paid time off includes personal, holiday and parental leave.
• Life and disability plans.
• Critical illness and accident plans.
• Work / Life flexibility.
• Professional development opportunities.

Compensation will vary based upon experience, education, skill level, and other compensable factors.

Salary Range : $51,700 - $68,900 - $86,000