4 months ago
The Boeing Company is looking for highly motivated Cybersecurity (Level 4) specialist to join our Enterprise Government Cybersecurity team in Southern California. As an Information Systems Security Manager (ISSM) the candidate will rely on their cybersecurity and Information Assurance (IA) background to lead Southern California Boeing sites in meeting Joint Special Access Program (SAP) Implementation Guide (JSIG), Intelligence Community Directive (ICD) and National Industrial Security Program Operating Manual (NISPOM) requirements.
The candidate must have demonstrated leadership qualities, strong verbal and written communication skills, and must be able to communicate clearly at one-on-one and group levels; convey sense of purpose and mission that motivates others; maintains direction, and balances big-picture concerns with day-to-day issues.
The candidate must set high expectations for him/herself first, and have the courage to raise the bar continuously. They will hold themselves and others accountable for continuous improvement. They will communicate expectations directly, openly and effectively. They must be able to guide and mentor others in creating relevant options for addressing problems/opportunities and achieving desired outcomes. They must communicate with team leaders, managers and internal employees in the decision-making process to obtain needed information, make the most appropriate decisions, and ensure buy-in and understanding of resulting decisions.
The candidate must proactively determine project or assignment requirements by breaking them down into tasks and identifying types of equipment, materials, and people needed. They must consistently and proactively identify more critical and less critical activities and assignments and effectively adjust priorities when appropriate.
The candidate will rely on their extensive cybersecurity and technical background to perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to assess compliance with accepted industry and government standards; under the Risk Management Framework (RMF) develop Authorization and Assessment (A&A) documentation for new and existing information systems, to include Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL), and Continuous Monitoring (CONMON); review various system security configurations and operating systems such as Windows, Linux, and Solaris for compliance with governing requirements.
The candidate will lead and coordinate vulnerability and penetration assessments, prepare technical reports, lead remediation efforts, and perform data analysis to ensure security requirements compliance; direct and conduct risk analysis and threat assessments; oversee activities of incident response and investigations.
The candidate must have extensive knowledge of verification, validation, certification and qualification processes and procedures, including knowledge of current governing regulations and compliance requirements; advanced level of understanding and proficiency in the use of a broad range of technologies, networking computing hardware and software applications; extensive knowledge of processes and tools needed to maintain, archive, and retrieve digital files; as it relates to cybersecurity, possesses the ability to read and understand contracts, Statements of Work (SoW), and DD-254s.
Boeing is the world's largest aerospace company and leading manufacturer of commercial airplanes and defense, space and security systems. We are engineers and technicians. Skilled scientists and thinkers. Bold innovators and dreamers. Join us, and you can build something better for yourself, for our customers and for the world.
OFFICE OF INT GOVERNCE
Relocation Assistance Available
No. Relocation assistance is not a negotiable benefit.
This position requires an active Top Secret Clearance U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active) .
Typical Education & Experience:
Technical bachelor's degree and typically 9 or more years' related work experience or a Master's degree with typically 7 or more years' or a PhD degree with typically 4 or more years' related work experience or an equivalent combination of education and experience. A technical degree is defined as any four year degree, or greater, in a mathematic, scientific or information technology field of study.
Possess the following IAM Level 3 DoD 8140.01 (previously 8570.01) or higher Certifications: CISM, CISSP, or GSLC.
Experience implementing a Risk Management Framework (RMF).
Extensive experience with policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, ICD-503, JSIG, and NIST 800 series special publications.
Extensive experience in assessing and documenting test or analysis data to show cybersecurity compliance.
Demonstrated knowledge of processes and tools to protect, maintain, archive, sanitize, and retrieve digital files.
Demonstrated extensive knowledge with security relevant tools, systems, and applications in support of RMF to include: NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS.
Demonstrated experience with performing security compliance monitoring and security policy assessments/audits.
Yes, 10 % of the Time
Contingent Upon Program Award