Information System Security Manager (ISSM)

Overview

Department : Information Technology

Employment Type : Full Time

Location : San Diego, California

Reporting To : Director of IT Security

Compensation : $75,000 - $90,000 / year

Description

The Information Systems Security Manager (ISSM) is responsible for creating, implementing and managing cybersecurity program, focusing on protecting information systems and data through policy development, risk assessment, security control implementation, incident response, and ongoing monitoring.

Key duties include developing and enforcing security policies, conducting risk assessments, designing security controls, managing incident response, and ensuring compliance with relevant standards and regulations.

Key Responsibilities

• Administer and maintain cloud security posture management (CSPM) and vulnerability management platforms including Qualys, CrowdStrike, and Bitsight.
• Design, build, and operate CrowdStrike solutions across cloud and cloud-native environments to enhance threat visibility, risk identification, and vulnerability remediation
• Information System Program Management.
• Develop, implement, and maintain system security policies, plans and procedures in alignment with RMF, NIST 800 publications, DAAPM, and NISPOM requirements.
• Develop and maintain security architecture and security policies, principles and standards.
• Develop and validate baseline security configurations for operating systems, applications, and networking equipment.
• Manage the system lifecycle management process, including developing and maintaining security plans and documentation.
• Perform and document risk assessments; manage POA&M’s with stakeholders to identify weaknesses, mitigation actions, and timelines; enforce configuration management and assess system changes for security impact.
• Knowledge of current and emerging threats / threat vectors.
• Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
• Knowledge of penetration testing principles, tools, and techniques.
• Participate in security investigations and compliance reviews, as requested by internal or external auditors.
• Implement continuous monitoring strategies; conduct regular audits and assessments to ensure controls remain effective and vulnerabilities are addressed promptly.
• Monitor for security incidents and vulnerabilities; manage incident response, system recovery, and reporting processes to restore security safeguards quickly and accurately.
• Provide second- and third-level support and analysis during and after a security incident.
• Assist security administrators and IT staff in the resolution of reported security incidents.
• Develop and implement system security training and awareness program for all roles; brief users on security responsibilities and ensure training completion before access.
• Communicate regularly with stakeholders : FSO, SMO, managers, users, DCSA
• Provide backup IT support when required.
• Oversee ISSO’s under their purview to ensure they follow established IS policies and procedures.
• Assume ISSO responsibilities in the absence of the ISSO; maintain required IA certifications.
• Ensure System Administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks.

Skills, Knowledge and Expertise

Benefits

What’s in it for you on Day 1 :

Exciting Onsite Perks :

Knowles is committed to providing a competitive and fair total compensation package for all employees.

One element in our total compensation package is base pay. The starting pay for this role is targeted to be between $75,000 and $90,000 per year.

Individual compensation decisions are based on a number of factors, including but not limited to previous experience and skills acquired prior to joining Knowles, cost of living in the assigned work location, assigned schedule, and salaries of similarly situated peers at the company. It is to be expected that candidates will come to us with different sets of skills and experiences and therefore will be paid at different points in the stated range. We recognize that the person(s) we select for hire may be less experienced or more experienced than the role as posted; if this is the case, any updates to available salary ranges will be communicated with candidates during the recruitment process.

Equal Opportunity Statement : Knowles Precision Devices prohibits pay discrimination and discrimination of any kind based on race, color, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation, or other legally protected status.

Notice to Staffing Agencies, Search Firms and Recruitment Agencies : The recruitment process at Knowles is managed through the Human Resources department. Knowles does not accept resumes submitted from 3rd party agencies outside of our system. To submit resumes, 3rd party agencies will need to be a pre-approved vendor with a valid contract in place, be actively engaged by Knowles to recruit for a specific position and have agency log in credentials to submit candidates to our careers portal. Please do not submit resumes via e-mail, through our external website or directly to our employees. Any resumes submitted in this way become the property of Knowles and will not be eligible for any placement fee.

#J-18808-Ljbffr