Position Description

• Assist the Information Systems Security Manager (ISSM) by developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data;
• Assume ISSM responsibilities in the absence of the ISSM;
• Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs;
• Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals;
• Conducting systems security evaluations, audits, and reviews;
• Developing systems security contingency plans and disaster recovery procedures;
• Serve as member of the Change Control Board (CCB);
• Developing and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures;
• Participating in network and systems design to ensure implementation of appropriate systems security policies;
• Assessing security events to determine impact and implementing corrective actions; and/or
• Ensuring the rigorous application of information security/ information assurance policies, principles, and practices in the delivery of all IT services.
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly;
• Ensure audit records are collected, reviewed, and documented (to include any anomalies).

Specific duties Include but are not limited to:

1. Maintain the organizations cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures in direct collaboration with the Cyber Security Directorate (CSD).

2. Act as a cybersecurity technical advisor for the organization and to the AO for the systems under their purview.

3. As a cybersecurity subject matter expert in securing nationwide multi-level security information systems, works directly with the ISSM and other organizations, Navy and non-Navy, to formulate new policies and procedures for risk analysis and risk management solutions that can be adapted and applied to future systems.

4. Communicate and collaborate with the Command ISSM and Command Security Manager in areas of mutual interest and impact.

5. Analyze customer information systems for risk to the organization.

6. Maintain a repository for all cybersecurity-related documentation, i.e. Cybersecurity Workforce (CSWF) management and tracking, Certification and Accreditation (C&A), and Computer Network Defense (CND).

7. Monitor information systems and user compliance with cybersecurity policy, as appropriate, and review the results of such monitoring.

8. Ensure that any cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.

9. Ensure implementation of IS security measures and procedures, including reporting incidents to the ISSM Authorizing Official (AO) and appropriate reporting

10. Follow the JSIG

11. Create and update ConMon

Experience Required

4-7 Years

Minimum Salary

91,254

Maximum Salary

141,064

Our work in leading-edge defense systems, engineering, computer science, electronics, finance, logistics, and contract management provides our Sailors and Marines with the capabilities they need to accomplish their mission and return home safely.

NAVAIR’s culture is as rich and diverse as its people. Civilians work side-by-side with military personnel to accomplish the NAVAIR mission.