Alternate Information Security Compliance Manager
Phase2 Technology, Austin, TX, United States
Job Title
Alternate Information Security Compliance Manager
Overview
The Alternate Information Security Compliance Manager will help scale ARL:UT's compliance program to accommodate the growing and evolving needs of the organization and its many customers. The role also provides backup support for the Information Security Compliance Manager and assists the Information System Security Manager in reviewing classified information systems. Collaboration with internal and external stakeholders, including system engineers, administrators, sponsors, and other organizations, is essential.
Responsibilities
Ensure classified systems follow government and ARL regulations while meeting program demands and staying in an accredited state.
Assist in day‑to‑day IT governance, risk management, and compliance functions.
Ensure that classified information systems meet the Risk Management Framework requirements for national security computing environments as defined by NIST 800‑Series, DAAG, JSIG, and other governing bodies.
Conduct continuous monitoring reviews and self‑assessments of classified information systems and applicable security controls to ensure compliance with government and ARL policy.
Oversee compliance assurance for daily administration of information security measures in accordance with NISPOM, DAAG, JSIG, DISA, and other relevant system security requirements, including those under RMF.
Update and maintain system‑level Plan of Action and Milestones (POA&M) through compliance checks, STIG and SCAP reviews, and Nessus scanning.
Draft detailed reports of compliance and self‑inspection outcomes for upper‑management review.
Maintain a compliance database, including control policy descriptions and compliance status.
Supervise a small team of Information Security Compliance Analysts.
Perform other related functions as assigned.
Required Qualifications
HS/GED
Five years of relevant cybersecurity experience, including compliance assessment and planning through the STIG and POA&M process.
Two years working with RMF, DAAG, NISPOM, JSIG or other equivalent security frameworks.
Ability to assess security posture by identifying and mitigating vulnerabilities.
Current Security+ or IAM/IAT II equivalent certification, or completion upon start date.
Strong multitasking skills with attention to detail.
Relevant education and experience may be substituted as appropriate.
Preferred Qualifications
Bachelor's Degree in Computer Science, Cyber Security, or related field.
Experience as an Auditor, ISSO, ISSE, Security Architect, or Information Security Analyst.
Held cybersecurity positions in classified DoD environments for 5+ years.
More than five years working with Linux environments.
Experience with vulnerability/compliance scanning tools (ACAS/Nessus, Retina, MBSA, SCAP, etc.).
Experience with the implementation of STIG/SRG compliance configurations.
Eligibility for immediate access to classified information at the required level.
Benefits
100% employer‑paid basic medical coverage.
Retirement contributions.
Paid vacation and sick time.
Paid holidays.
Salary Range
$83,000 - $124,800+
egotiable depending on qualifications
Working Conditions
Standard office conditions.
Repetitive use of a keyboard at a workstation.
Use of manual dexterity.
Some weekend, evening and holiday work.
Possible interstate/intrastate travel.
Equal Opportunity Employer
The University of Texas at Austin, as an equal‑opportunity/affirmative action employer, complies with all applicable federal and state laws regarding nondiscrimination and affirmative action. The University is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, or veteran status in employment.
Security Clearance
US Citizen required. Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information at the level appropriate to the project requirements of the position. Employment is contingent on submitting an application for access and receiving notification of eligibility within a specified period. Eligibility must be continuous during employment.
#J-18808-Ljbffr
Alternate Information Security Compliance Manager
Overview
The Alternate Information Security Compliance Manager will help scale ARL:UT's compliance program to accommodate the growing and evolving needs of the organization and its many customers. The role also provides backup support for the Information Security Compliance Manager and assists the Information System Security Manager in reviewing classified information systems. Collaboration with internal and external stakeholders, including system engineers, administrators, sponsors, and other organizations, is essential.
Responsibilities
Ensure classified systems follow government and ARL regulations while meeting program demands and staying in an accredited state.
Assist in day‑to‑day IT governance, risk management, and compliance functions.
Ensure that classified information systems meet the Risk Management Framework requirements for national security computing environments as defined by NIST 800‑Series, DAAG, JSIG, and other governing bodies.
Conduct continuous monitoring reviews and self‑assessments of classified information systems and applicable security controls to ensure compliance with government and ARL policy.
Oversee compliance assurance for daily administration of information security measures in accordance with NISPOM, DAAG, JSIG, DISA, and other relevant system security requirements, including those under RMF.
Update and maintain system‑level Plan of Action and Milestones (POA&M) through compliance checks, STIG and SCAP reviews, and Nessus scanning.
Draft detailed reports of compliance and self‑inspection outcomes for upper‑management review.
Maintain a compliance database, including control policy descriptions and compliance status.
Supervise a small team of Information Security Compliance Analysts.
Perform other related functions as assigned.
Required Qualifications
HS/GED
Five years of relevant cybersecurity experience, including compliance assessment and planning through the STIG and POA&M process.
Two years working with RMF, DAAG, NISPOM, JSIG or other equivalent security frameworks.
Ability to assess security posture by identifying and mitigating vulnerabilities.
Current Security+ or IAM/IAT II equivalent certification, or completion upon start date.
Strong multitasking skills with attention to detail.
Relevant education and experience may be substituted as appropriate.
Preferred Qualifications
Bachelor's Degree in Computer Science, Cyber Security, or related field.
Experience as an Auditor, ISSO, ISSE, Security Architect, or Information Security Analyst.
Held cybersecurity positions in classified DoD environments for 5+ years.
More than five years working with Linux environments.
Experience with vulnerability/compliance scanning tools (ACAS/Nessus, Retina, MBSA, SCAP, etc.).
Experience with the implementation of STIG/SRG compliance configurations.
Eligibility for immediate access to classified information at the required level.
Benefits
100% employer‑paid basic medical coverage.
Retirement contributions.
Paid vacation and sick time.
Paid holidays.
Salary Range
$83,000 - $124,800+
egotiable depending on qualifications
Working Conditions
Standard office conditions.
Repetitive use of a keyboard at a workstation.
Use of manual dexterity.
Some weekend, evening and holiday work.
Possible interstate/intrastate travel.
Equal Opportunity Employer
The University of Texas at Austin, as an equal‑opportunity/affirmative action employer, complies with all applicable federal and state laws regarding nondiscrimination and affirmative action. The University is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, or veteran status in employment.
Security Clearance
US Citizen required. Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information at the level appropriate to the project requirements of the position. Employment is contingent on submitting an application for access and receiving notification of eligibility within a specified period. Eligibility must be continuous during employment.
#J-18808-Ljbffr