Summary

The Cybersecurity Manager reports to the VP of IT and is responsible for fulfilling all U.S. Government IT-related regulatory and contractual requirements while working within project financial parameters, and by the Company values of integrity, team work and high ethical standards. The Cybersecurity Manager will work closely with non-IT managers supporting the needs of government and customer programs. The Cybersecurity Manager will utilize his/her expertise or an analysis of outcomes to recommend policies, doctrine, tactics, and procedures. Program support may require significant coordination and interface with various U.S. Government agencies, to include the Department of Defense, and non-U.S. Government activities located in and out of the Continental United States (CONUS).

Essential Duties and Accountabilities

1.    Plan and execute the build-out of unclassified information systems against government requirements and regulations, including NIST 800-53, DFAR 252.204-7012, DFAR 252.204-7009, DFAR 52.204-21 and derivatives. Build analyses of these requirements/regulations against novel systems and technologies at Point Blank Enterprises identifying gaps, building plans to work them, and ultimately closing the gaps;

2.    Lead development and implementation of required cybersecurity standards and industry best practices to ensure Company meets and maintains Cybersecurity Maturity Model Certification (CMMC) as required;  

3.   Lead development and implementation of Defense Counterintelligence and Security Agency Assessment and Authorization processes for the NIST Risk Management Framework (RMF) in classified environments.  

4.   Develop and maintain documented IT Security Policies, Processes, and Standards related to cybersecurity.  

5.    Ensure IT Security functions are carried out in compliance with corporate security guidelines and objectives.

6.    Provide guidance and assistance to new IT initiatives and projects to ensure appropriate levels of security are included with new solutions.

7.     Ensure IT Security functions are carried out in compliance with legal and regulatory obligations.

8.   Work with Facility Security Officer and support Company Security Program to ensure compliance with cyber security-related regulatory requirements.

9.   Perform regular security monitoring and auditing of Company systems to identify any possible threats or intrusions, to include Insider Threat indicators.

10.  Participate in technical incident response and security investigation activities, as required.

11.  Interface with U.S. Government representatives, customers, and third-party service providers and auditors, as required.

12.  Design and oversee development of Security Management infrastructure.

13.  Report out to internal business owners and executive sponsors on status and timelines both periodically and as independently requested.

14.  Coordinate cyber security-related training for end users.

15.  Perform administrative functions on all cybersecurity-related projects as needed for implementation, support and maintenance.

16.  Support firewall software configuration to in compliance with Company requirements.

17.  Work with IT team to find solutions for various projects and operational needs.

18.  Maintain data center for environmental monitoring equipment.

19.  Suggest areas for improvement in internal processes along with possible solutions.

20.  Initiate and implement improvements in all areas of IT responsibility.

21.  Responsible for working according to the Company’s safety and quality standards.

22.  Maintains a safe and clean work area.

23.  Performs other related duties as required and assigned.

Competencies

Cognition: Processes thoughts and experiences effectively from decision making to innovative thinking, analysis, judgments and problem solving. This includes examining information to draw conclusions, developing creative ideas and perspectives, making informed decisions considering all of the facts, goals, constraints and risks associated and resolving difficult challenges.

Communication: Communicates clearly with others avoiding ambiguity in all aspects of communication from speaking to writing, listening, and reading. This includes expressing ideas and facts orally and in writing, understanding and learning from what others say and grasping the meaning of written information. 

Interaction with Others: Communicating and reacting with co-workers appropriately to maintain a professional environment. This includes encouraging others and furthering Company objectives, building constructive working relationships consisting of acceptance and respect, promoting cooperation and commitment within a team to achieve goals and embracing a work environment that appreciates diversity.

Personal Effectiveness: Incorporating all personal resources to achieve work objectives the most efficiently from accountability to adaptability, customer and safety focus and continual learning.  This includes taking responsibility for actions, quality and timeliness of work, adjusting to changing business needs, conditions and work responsibilities, maintaining customer satisfaction with the products offered by the company, adhering to all workplace standards, regulations and practices and showing an ongoing commitment to self-improve.

Qualifications

• This position requires use of and access to information which is subject to the International Traffic in Arms Regulations (ITAR).  Accordingly, all Cyber Security Managers must be U.S. persons within the meaning of ITAR. 
• This position also requires that the Cyber Security Manager be eligible for a U.S. Government personnel security clearance.
• Bachelor’s degree in relevant field (Engineering, Information Security, other) and  7+ years of IT experience, to include 4 years in Security Management or Advanced Degree (Master of Science (MS)) and 5 years of experience in the respective technical / professional discipline being performed.
• Minimum three (3) years of experience in supporting IT-related tasks for DoD contracts.
• Awareness of modern security related subjects and trends such as threat hunting and modeling, digital forensics, reverse engineering, phishing, and penetration testing.
• Prior experience working with the U.S. Government or U.S. Department of Defense preferred
• Experience with cloud-hosted services, web-based applications, and server/service management features.
• Demonstrated ability to understand and communicate technical details with varying levels of management.
• Bonus: IAM Level II or IAT Level III security certification, in accordance with DoDI 8570.01-M, Information Assurance Workforce Improvement Program.

Physical Demands and Working Conditions

• Travel 10%
• Requires sitting for a prolonged period of time.
• Requires dexterity and coordination to handle files and paper.
• Requires occasional lifting of files, stacks of paper, reference and other materials up to 25 lbs.
• Requires minimum reaching for items above and below desk level.
• Moving from place to place within the building to accomplish tasks.
• Requires strength, coordination and vision to use keyboard and video display terminal for prolonged periods.
• Requires on call status for non-work hours IT emergencies.