(602) Information Systems Security Manager III

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future. 

Cybersecurity Program Management

• →Support IT security goals and objectives to reduce overall organizational risk 
• →Communicate the value of IT security throughout all levels of organization stakeholders 
• →Coordinate with various levels of the organization to oversee information security program implementation 
• →Manage cyber strategy, personnel, infrastructure, policy enforcement, emergency planning, security awareness, and other resources 
• →Assist with facilitating communication between all RMF stakeholders throughout the RMF process Security Assessment and Authorization 
• →Assist with the collection of data needed to meet system cybersecurity reporting requirements 
• →Assist with security improvement actions as they are evaluated, validated, and implemented 
• →Participate in information security risk assessments during the Security A&A process 
• →Assist with identifying security requirements specific to IT systems in all phases of the system life cycle 
• →Coordinate with programs to resolve findings identified during internal and external review processes Compliance and Risk Management 
• →Assist with cybersecurity inspections, tests, and reviews for the network environment 
• →Assist with identifying alternative information security strategies to address organizational security objectives 
• →Interpret patterns of noncompliance to determine their impact on risk levels and overall effectiveness of the enterprise's cybersecurity program 
• →Track audit findings and recommendations to ensure appropriate mitigation actions are taken 
• →Monitor systems for upcoming authorization conditions/stipulations, upcoming or past due POA&M items, and SLCM activities Documentation and Reporting •
• →Develop findings reports and recommended corrective actions for identified deficiencies 
• →Report system compliance in DON Application and Database Management System (DADMS), Department of Defense Information Technology Portfolio Repository – Department of the Navy (DITPR-DON), and Vulnerability Remediation Asset Manager (VRAM) 
• →Assist with Quality Assurance (QA) reviews for RMF package submissions in accordance with NSWCPD and NAVSEA 03 SOP 
• →Ensure successful implementation and functionality of security requirements and appropriate IT policies and procedures consistent with the organization's mission and goals 
• →Track and respond to Cybersecurity data calls per Government guidance
  
  

• Must be a U.S. Citizen 
• Active Secret security clearance 
• Master's degree in computer science, information technology, or an equivalent science, technology, engineering & mathematics (STEM) degree from an accredited college or university 
• Eight (8) years of experience coordinating with various levels of an organization to oversee and manage information security program implementation 
• Experience managing cyber strategy, personnel, infrastructure, policy enforcement, emergency planning, security awareness, and/or other resources 
• Must possess one of the following certifications: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP 
• IAM-II certification level 
• Experience with DoD Information Assessment and Authorization (A&A) process and Risk Management Framework (RMF)

• Experience with enterprise security technologies and tools including eMASS and VRAM 
• Knowledge of NIST Special Publications and DoD cybersecurity instructions 
• Experience with Navy and DoD organizational structures and policies 
• Familiarity with NAVSEA cybersecurity requirements and procedures 
• Experience with vulnerability management and continuous monitoring 
• Demonstrated leadership abilities and strong communication skills

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.