(602) Information Systems Security Manager III

Company Summary Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.  Position Description: The Information System Security Manager (ISSM) III will support Naval Surface Warfare Center Philadelphia Division (NSWCPD) as a contractor through Arlo Solutions, serving as a key cybersecurity leader for NSWCPD Code 104. This key personnel position is responsible for overseeing and managing information security program implementation within the organization, supporting DoD Information Assessment and Authorization (A&A) process and Risk Management Framework (RMF) services, and ensuring compliance with all NAVSEA, DON, and DoD cybersecurity policies. Location: (Onsite) Philadelphia, PA Clearance:  Active Secret Responsibilities and/or Success Factors: Cybersecurity Program Management Support IT security goals and objectives to reduce overall organizational risk  Communicate the value of IT security throughout all levels of organization stakeholders  Coordinate with various levels of the organization to oversee information security program implementation  Manage cyber strategy, personnel, infrastructure, policy enforcement, emergency planning, security awareness, and other resources  Assist with facilitating communication between all RMF stakeholders throughout the RMF process Security Assessment and Authorization  Assist with the collection of data needed to meet system cybersecurity reporting requirements  Assist with security improvement actions as they are evaluated, validated, and implemented  Participate in information security risk assessments during the Security A&A process  Assist with identifying security requirements specific to IT systems in all phases of the system life cycle  Coordinate with programs to resolve findings identified during internal and external review processes Compliance and Risk Management  Assist with cybersecurity inspections, tests, and reviews for the network environment  Assist with identifying alternative information security strategies to address organizational security objectives  Interpret patterns of noncompliance to determine their impact on risk levels and overall effectiveness of the enterprise's cybersecurity program  Track audit findings and recommendations to ensure appropriate mitigation actions are taken  Monitor systems for upcoming authorization conditions/stipulations, upcoming or past due POA&M items, and SLCM activities Documentation and Reporting • Develop findings reports and recommended corrective actions for identified deficiencies  Report system compliance in DON Application and Database Management System (DADMS), Department of Defense Information Technology Portfolio Repository – Department of the Navy (DITPR-DON), and Vulnerability Remediation Asset Manager (VRAM)  Assist with Quality Assurance (QA) reviews for RMF package submissions in accordance with NSWCPD and NAVSEA 03 SOP  Ensure successful implementation and functionality of security requirements and appropriate IT policies and procedures consistent with the organization's mission and goals  Track and respond to Cybersecurity data calls per Government guidance Minimum Qualifications Including Certificates: Must be a U.S. Citizen  Active Secret security clearance  Master's degree in computer science, information technology, or an equivalent science, technology, engineering & mathematics (STEM) degree from an accredited college or university  Eight (8) years of experience coordinating with various levels of an organization to oversee and manage information security program implementation  Experience managing cyber strategy, personnel, infrastructure, policy enforcement, emergency planning, security awareness, and/or other resources  Must possess one of the following certifications: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP  IAM-II certification level  Experience with DoD Information Assessment and Authorization (A&A) process and Risk Management Framework (RMF)   Desired Qualifications: Experience with enterprise security technologies and tools including eMASS and VRAM  Knowledge of NIST Special Publications and DoD cybersecurity instructions  Experience with Navy and DoD organizational structures and policies  Familiarity with NAVSEA cybersecurity requirements and procedures  Experience with vulnerability management and continuous monitoring  Demonstrated leadership abilities and strong communication skills AAP Statement We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.   Offices: (NSWCPD Philadelphia);