United States Air ForceInformation System Security Manager
Mar. 2024Offutt Air Force Base, Nebraska, United StatesPerform oversight of the development, implementation, and evaluation of information system security program policy
Develop and oversee operational information systems security implementation policy and guidelines of network security, based upon Risk Management Framework (RMF) Perform risk assessments and make recommendations on security testing methodologies and processes
Evaluate authorization documentation and provide written recommendations to PMs
Develop and maintain a formal Information Systems Security Program
Ensure that all IAOs, network administrators, and other cyber security personnel receive the necessary technical and security training to carry out their duties
Develop, review, endorse, and recommend action by the AO or DAO of system assessment documentation
Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
Develop and execute security assessment plans that include verification that the features and assurances required for each protection level functioning
Institute and implement a Configuration Control Board (CCB) charter
Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system
Ensure the development and implementation of an information security education, training, and awareness program, including attending, monitoring, and presenting local cyber security training.
Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed
Assess changes in the system, its environment, and operational needs that could affect the authorization
Ensure that authorization is accomplished a valid Authorization determination has been given for all authorization boundaries under the purview
Ensure configuration management (CM) for security-relevant changes to software, hardware, and firmware are properly documented
Ensure periodic testing is conducted to evaluate the security posture