SantarosaRecruiter Since 2001
the smart solution for Santa Rosa jobs

Information System Security Manager (ISSM)

Company: L3Harris
Location: Santa Rosa
Posted on: June 9, 2021

Job Description:


Job Title: Information System Security Manager (ISSM)

Job Code: IMS20211305-61256

Job Location: Santa Rosa, CA

About Sonoma EO

Within L3Harris's ISR Systems segment, Sonoma EO is an established pioneer in military/defense infrared technology located in Santa Rosa, CA. A leader in high technology and engineering services, Sonoma EO is world renowned for its expertise in the areas of Electro Optical / Infrared (EO/IR) stabilized imaging systems. As a first-rank engineering and production company, Sonoma EO is engaged in the design, development, and manufacture of highly sophisticated electronics equipment that provide industry-leading solutions to government agencies, as well as civil and commercial organizations worldwide, enabling industry partners and customers to perform increasingly complex missions - every day. We offer competitive benefits, an alternative 9/80 work schedule, and the opportunity to work with a talented and diverse group of professionals.

Job Description:

L3Harris, Sonoma EO is looking an experience Cyber Intelligence professional for our Santa Rosa, California location to fill our Information System Security Manager (ISSM) role. Candidate must have their CISSP, CISM or GSLC certification per DoD Directive 8570.1

The ISSM supports our campus in meeting the needs of our customers while remaining compliant with the Department of Defense and Intelligence Community requirements. As part of the security team, the ISSM is responsible for maintaining the highest level of safeguarding for our US Government customer, overseeing the overall security posture and implementation of the mandatory security controls for the information systems. Responsible for a portfolio of programs potentially spanning Collateral, SCI and SAP/SAR levels. Supports the information system life cycle activities including establishing systems to support classified proposals, scoping systems for new programs, preparing Risk Management Framework packages, regular maintenance, support and upgrades of systems during program execution, and program closeout and de-certification activities.

Essential Duties and Responsibilities

The following reflects management's definition of essential functions for this job but does not restrict the

tasks that may be assigned. Management may assign or reassign duties and responsibilities to this job

at any time due to reasonable accommodation or other reasons.

  • Serve as Information Systems Security Manager (ISSM) for classified computers in DoD and Intelligence Community computing environments.
  • Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis.
  • Ensure system security measures comply with applicable government and customer policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
  • Oversee and manage the Information System Security Officer(s) (ISSO) daily/weekly/monthly tasks and assign roles and responsibilities as necessary.
  • Maintain thorough understanding of NIST, JSIG, RMF and other related documentation the implementation and determination of security controls that are applicable to our environment, as well as document the implementation in the Security Controls Tractability Matrix (SCTM).
  • Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional.
  • Create, update, monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.
  • Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, SCTM).
  • Certification & Accreditation documentation {ICD 503, NISPOM, System Security Plans (SSP), Security Concept of Operations (CONOPs), Security Architectures, and the Privileged User's Guide (PUG)}, along with developing test requirements and Risk Matrices.
  • Operates, maintains, and disposes of information systems in accordance with established security policies and practices IAW JAFAN 6/3, NISPOM, NIST, the System Security Plan, and other USG requirements, as required.
  • Knowledge of and implementation experience in applying USG C&A regulations, policies, and processes (e.g. RMF, ICD 503/507, NISPOM Chapter 8, JAFAN 6/3, DCID 6/3, and/or JSIG IS) particularly as they apply to the ISSM/ISSO roles and responsibilities, within a corporate environment.


  • Education - Bachelor's Degree in Information Technology, Information Assurance or Computer Information Systems preferred
  • Experience - 10 years' experience as a security professional in a SAP/SCI environment
  • Experience in PERSEC, COMSEC and/or program security roles
  • Must have CISSP, CISM or GSLC certification per DoD Directive 8570.1
  • Must be a US Citizen with an Active Top Secret security clearance and ability to obtain SCI and SAP/SAR clearances. Ability to obtain a full-scope polygraph.

Preferred Additional Skills:

  • Familiarity with the ODAA Baseline Standard requirements, Joint Special Access Program (SAP) Implementation Guide (JSIG) Risk Management Framework (RMF), and Intelligence Community Directives (ICD).
  • Technical knowledge and experience with computer and network hardware and software systems, communications and connectivity. Technical knowledge and experience with Linux or Red Hat.
  • Experience working with the DCSA.
  • Experience with both Windows and Linux operating environments.
  • Experience in a research and development environment where software and algorithms are developed.
  • Experience in developing external customer relationships and communications (e.g., DSS, NRO, DARPA, IARPA, AF, Navy).
  • Maintains awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges.
  • Customer/mission focused.
  • Excellent time management skills; keeps commitments and follows through end-to-end.
  • Familiarity conducting vulnerability scans (STIG, SCAP, NESSUS).
  • Familiarity with DoD Secure Host Baseline (SHB).
  • Current experience working with government information systems of record and a general understanding of personnel security investigation requirements is required,
  • Integrity and a professional manner are required.
  • Possess a high degree of organizational and communications skills, both written and verbal.
  • Must be able to work independently and irregular hours, as required.
  • Must partner with functional organizations and possess the ability to solve complex challenges independently in compliance with written and verbal guidance from both internal and external Customers as appropriate meeting business objectives. Ability to objectively and professionally conduct investigations regarding sensitive issues and violations of written policies; issue disciplinary guidance as needed.
  • Experience with enterprise class Data Center operations, including practices, procedures, remote administration, disaster recovery, and business continuity.
  • Strong understanding of availability requirements for enterprise applications
  • Strong procedural documentation skills are required.
  • Strong understanding of Information management and permission sets for SharePoint Portal.
  • Demonstrated leadership, communication, and interpersonal skills required as well as strong analytical ability leading to exemplary execution.


  • Ability to work well in a fast-paced, deadline-driven environment.
  • Ability to communicate effectively with all levels of management and staff.
  • Must be proficient in the use of Microsoft Office suite and other software programs involving security.
  • Must possess excellent interpersonal, written, verbal, and presentation skills.
  • Ability to write reports, business correspondence, and procedure manuals.
  • Ability to present information to managers, executives, clients, customers, and the general public.
  • Ability to provide clear and understandable communications to non-technical people.
  • Possess strong organizational skills.
  • Able to maintain accurate records and logs in accordance with policies and compliance requirements.
  • Ability to use good judgment in planning and accomplishing new and/or unfamiliar objectives.
  • Ability to research, gather and analyze information then formulate effective recommendations and actions.
  • Ability to creatively accomplish goals within constraints of budgets, time, and/or available resources.
  • Ability to effectively interpret and act upon a variety of instructions from various channels.
  • Ability to work independently and with a team to produce accurate results quickly.
  • Able to effectively lead and manage a project from inception to completion.

Keywords: L3Harris, Santa Rosa , Information System Security Manager (ISSM), Other , Santa Rosa, California

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest California jobs by following @recnetCA on Twitter!

Santa Rosa RSS job feeds