Information Systems Security Manager

About The Position

Requirements

• Active Top Secret security clearance with the ability to obtain SAP and SCI access (U.S. citizenship required)
• DoD 8140/8570 IAM Level III certification (CISM, CISSP, etc.)
• 2-4 years as an ISSM implementing JSIG, DAAG, and/or ICD 503 IS requirements. Previous security experience in a SAP/SCI environment
• Experience with configuration, certification, and auditing/analysis of Windows/Linux operating systems in Peer-to-Peer, LAN, and WAN network environments
• Familiarity with vulnerability, compliance, and audit tools (Nessus, SCAP, Splunk, etc.)
• Understanding of authorization/accreditation databases (eMASS, Xacta, SNOW, etc.)
• Excellent communication skills
• Strong customer service skills
• Strong analytical and problem-solving abilities
• Detail-oriented and self-motivated
• Able to prioritize multiple initiatives in a fast-paced environment
• Ability to work well in a team environment and adapt to changing project priorities

Responsibilities

• Lead cybersecurity compliance for classified programs
• Manage the cybersecurity posture of classified information systems in accordance with U.S. Government requirements including the Joint Special Access Implementation Guide (JSIG), Intelligence Community Directive (ICD) 503, and DCSA Assessment and Authorization Guide (DAAG)
• Serve as the primary cybersecurity point of contact for assigned program networks, collaborating with government customers and internal teams
• Support RMF and Assessment & Authorization activities
• Lead Assessment & Authorization (A&A) efforts including certification testing of security controls
• Develop and maintain security documentation such as System Security Plans (SSPs), Risk Assessment Reports (RARs), Standard Operating Procedures (SOPs), and Security Controls Traceability Matrix (SCTM)
• Manage Continuous Monitoring (ConMon) activities and Plan of Action and Milestone (POA&M) tracking
• Maintain and strengthen security posture
• Conduct periodic system inspections and audits to verify compliance with approved security configurations
• Apply deep knowledge of NIST 800-53 controls to ensure accredited networks remain compliant
• Support hardware/software change management, account management, media protection, and data transfers within accredited environments
• Collaborate across security and engineering teams
• Work closely with Information System Security Officers (ISSOs), Information System Security Engineers (ISSEs), System Administrators, Facility Security Officer (FSO), and Contractor Special Security Officer (CSSO) to implement and maintain information systems security posture
• Partner with Program Managers and Engineers to define and implement network requirements for new programs
• Assist the FSO, CPSO, and incident response teams on security events and data spill response
• Drive continuous improvement
• Contribute to improving cybersecurity processes and security practices across programs
• Demonstrate a can-do attitude and provide innovative, compliant solutions through creative analysis