EchoStar has an exciting opportunity for an Information Systems Security Manager (ISSM)/ Information Systems Security Offer (ISSO) in our Hughes Network Systems division to join our team to support various government customers for multiple Defense and Government Systems Division (DGSD) initiatives. The position will provide strategic and tactical “day-to-day” support for Collateral and Classified activities. This position is located at our headquarters in Germantown, Maryland. Responsibilities: Recommend resource allocations required to securely operate and maintain the DGSD IA requirements. Participate in information system risk assessment during the A&A process Oversee cybersecurity and certification of a CUI environment including CMMC Develop security requirements for hardware, software, and service acquisitions specific to DGSD networks Identify alternative functional IA security strategies to address DGSD security concerns and develop plans capable of implementation. Evaluate the adequacy of security measures proposed or provided in response to requirements listed in acquisition and operations documents Develop and implement programs to ensure systems, network, and data users are aware of, understand, and follow DGSD IA policies Evaluate IT enclave systems, assess risk posture and system security findings, and recommend mitigation and /or remediation actions Work with IT network security best practices, applying policies, performing routine IT security scans and generating reports Basic Requirements: Bachelor’s degree in information systems, computer science, cyber security, related technical field or combination of education and experience 10 years of overall experience 3 years of experience as an ISSO 3 years' experience using RMF and Incident management and response experience Security certification 3 years’ experience with computer networking concepts, protocols, and network security methodologies 3 years’ experience with and knowledge of DoD and US Government (USG) information system (IS) accreditation and certification policies, standards, and governance, to include NIST FIPS Publications, DoDI 8500.2, and DISA STIGs 3 years' experience in Information security program management and project management principles and techniques 3 years' experience in System administration, network, and operating system hardening techniques 3 years' experience as an advanced user of any Unix/Linux derived operating system 3 years' knowledge of configuring and using Windows Server and Workstation Must be capable of obtaining and holding a Top Secret U.S. government security clearance Preferred Qualifications: CISSP certification Expertise in computer networking concepts, protocols, and security methodologies including host & network access control mechanisms Well versed in Risk Management processes (e.g., methods for assessing and mitigating risk) and management of cybersecurity threats and vulnerabilities Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures and current/emerging threats or threat vectors Practitioner of cybersecurity best practices used to manage risks related to the use, processing, storage, and transmission of information or data Practitioner of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities Experience in Business Continuity and disaster recovery continuity of operations plans, system life cycle management principles, including software security and usability Experience facilitating scheduled risk reviews as well as developing custom reports, layouts, and filters; ability to coordinate Project Team meetings Will be eligible for discretionary bonus, with funding based on company performance LI-CD1 H