L3Harris is dedicated to recruiting and developing diverse, high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.
L3Harris Technologies is the Trusted Disruptor in the defense industry. With customers’ mission-critical needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security.
Job Title: Information Systems Security Manager (ISSM)/COMSEC Custodian
Job Code: 17148
Job Location: Fall River, MA
Schedule: 9/80
Active DOD Secret Security Clearance Required for consideration
Job Description:
L3Harris Fall River, MA, is seeking a program specific Information System Security Manager (ISSM) in support of Department of Defense programs. Duties for successful candidates include, but are not limited to reviewing and developing information system accreditation/certification support documentation; interacting with customers when changes occur that may affect the information system accreditation/certification; performing system and network self-inspections; identifying information system vulnerabilities and implementing countermeasures.
Responsibility for program policy creation/update; maintaining information system security records. The ISSM will provide assistance on IT and information system security issues that may affect the mission of the customer. This position works under the direction of the Facility Security Officer (FSO).
Develop and conduct risk assessment procedures for verification of RMF/Assessment and Authorization (A&A) safeguards to meet various regulatory requirements based upon JSIG and NIST 800 series (800-53, 800-171 etc.) guidelines.Author and provide oversight of various artifacts supporting RMF package artifacts to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Actions & Milestones (POA&M), Continuous Monitoring (ConMon) Plan, CONOPS, and other RMF BoE artifacts.Coordinate with internal/external partners to establish system security designs and validate compliance requirements.Responsible for analyzing and/or administering security controls for information systems.The selected candidate will act as a member of a diverse security team and participate in Engineering and Configuration Review Boards and Working Groups to develop secure system solutions.Monitor IA Program compliance by performing periodic self-inspections, tests and reviews of the IS to ensure that systems are operating as authorized/accredited and that conditions have not changed.Configuration of change management processes (hardware/software, account Management, Disposition, Assured File Transfers (AFT) and related documentation in accordance with policies and procedures.Review audit data of the IS and IS components (technical & physical) for anomalous or unauthorized activities.Participate in documenting and publishing security related workflows and procedures to mitigate vulnerabilities and recommend changes to system or system components.Conduct Cybersecurity training, briefings, and presentations for multiple levels of business.Provide leadership and oversight to ISSOs.Participate in interdepartmental projects and provides council on Cybersecurity policies and procedures.The candidate will be responsible for managing electronic keying material and Controlled Cryptographic Items (CCI) material for an Air Force and National Security Agency Account, from inception through destruction. Including but not limited to the receipt, transfer, inventory, accounting, and destruction of CCI and cryptographic material. In addition, if selected the candidate may perform a variety of additional tasks to include physical security, global security operations center, and personnel security as needed. This position works under the direction of the Facility Security Officer (FSO).
Essential Functions:
L3Harris Fall River, MA, is seeking a program specific Information System Security Manager (ISSM) in support of Department of Defense programs. Duties for successful candidates include, but are not limited to reviewing and developing information system accreditation/certification support documentation; interacting with customers when changes occur that may affect the information system accreditation/certification; performing system and network self-inspections; identifying information system vulnerabilities and implementing countermeasures.
Responsibility for program policy creation/update; maintaining information system security records. The ISSM will provide assistance on IT and information system security issues that may affect the mission of the customer.
Develop and conduct risk assessment procedures for verification of Risk Management Framework safeguards to meet various regulatory requirements based upon DAAPM and NIST 800 series (800-37, 800-53, 800-61, etc) guidelines.Author and provide oversight of various artifacts supporting RMF package artifacts to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Actions & Milestones (POA&M), Continuous Monitoring (ConMon) Plan, CONOPS, and other RMF BoE artifacts.Coordinate with internal/external partners to establish system security designs and validate compliance requirements.Responsible for analyzing and/or administering security controls for information systems.The selected candidate will act as a member of a diverse security team and participate in Engineering and Configuration Review Boards and Working Groups to develop secure system solutions.Monitor IA Program compliance by performing periodic self-inspections, tests and reviews of the IS to ensure that systems are operating as authorized/accredited and that conditions have not changed.Configuration of change management processes (hardware/software, account Management, Disposition, Assured File Transfers (AFT) and related documentation in accordance with policies and procedures.Review audit data of the IS and IS components (technical & physical) for anomalous or unauthorized activities.Participate in documenting and publishing security related workflows and procedures to mitigate vulnerabilities and recommend changes to system or system components.Conduct Cybersecurity training, briefings, and presentations for multiple levels of employee population.Participate in interdepartmental projects and provides council on Cybersecurity policies and procedures.Ability to obtain and maintain any additional clearances as required.Up to 10% travel may be required.The candidate will be responsible for managing electronic keying material and Controlled Cryptographic Items (CCI) material for an Air Force and National Security Agency Account, from inception through destruction. Including but not limited to the receipt, transfer, inventory, accounting, and destruction of CCI and cryptographic material. In addition, if selected the candidate may perform a variety of additional tasks to include physical security, global security operations center, and personnel security as needed.
Qualifications:
Active DoD Secret clearance which requires U.S. CitizenshipBachelor’s Degree in Cybersecurity or similar and minimum 6 years of prior relevant experience. Graduate Degree and a minimum of 4 years of prior related experience. In lieu of a degree, minimum of 10 years of prior related experience.Relevant experience with Windows 10 and 11 operating systems and other related peripherals.Experience using Microsoft Office products.Experience with RMF/Assessment and Authorization (A&A) safeguards to meet various regulatory requirementsSecurity + or DD8570 equivalent or higher certification or Completion/Certification of KMI Training Course Experience performing COMSEC Activities such as audits and inventoriesExperience interpreting and applying NSA COMSEC security policiesPreferred Additional Skills:
Experience with SPLUNK, Security Center/Nessus, and other software/systemsExperience with configuration/certification and auditing/analysis of Windows, Linux, UNIX systems to include stand-alone IS, peer-to-peer networks, LANs/WANs and interconnections.Experience with applying, searching, leveraging SCAP and STIGsDemonstrate excellent organizational, decision-making, and problem-solving skills.Experience with technical configuration standards relating to information system security.Well versed in risk management, mitigation, and customer service.Excellent team leadership skills, with experience leading and collaborating in a multi-disciplinary, diverse, and dynamic team environment.Excellent communication skills (written, verbal, & presentation)IAM Level II or III Certification (Sec +, CISSP, CISM etc.) Knowledge with the handling and configuration of End Cryptographic Units and fill devices (i.e. AN PYQ-10 (SKLs), KIK 11, KG 250/250X, KG 255X, and KG 175D/175GKnowledge of NSA Distributed INFOSEC Accounting System (DIAS)Knowledge of Over the Air Transfer’s/Over the Air Rekeying (OTAT and OTAR),SCIP Device Management (VIPER, STE, OMNI) and USAF Cryptographic Access Program.Experience of working in a team environmentAbility to work with minimal supervisionGreat attention to detail and a high degree of accuracyPlease be aware many of our positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.
By submitting your résumé for this position, you understand and agree that L3Harris Technologies may share your résumé, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions.
L3Harris Technologies is proud to be an Affirmative Action/Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law.
L3Harris Technologies is an E-Verify Employer. Please click here for the E-Verify Poster in English or Spanish. For information regarding your Right To Work, please click here for English or Spanish.