Jobs · Information Technology · Florida

(704) Cybersecurity Information System Security Manager (ISSM)

Arlo Solutions · Orlando, FL · Yesterday
Information TechnologyFull-time

Responsibilities

  • Serve as the Information System Security Manager (ISSM) for 3–7 assigned Army Information Systems.
  • Lead all phases of the DoD Risk Management Framework (RMF) lifecycle in accordance with NETCOM RMF guidance.
  • Develop, maintain, and manage Authorization Packages, including SSPs, POA&Ms, Security Categorization, Continuous Monitoring documentation, and supporting Body of Evidence.
  • Cybersecurity risk assessments and recommend mitigation strategies supporting Authorizing Official (AO) risk decisions.
  • Coordinate Security Control Assessments (SCA) and remediation of assessment findings.
  • Manage Continuous Monitoring (ConMon) activities, vulnerability management, STIG compliance, ACAS review, and cybersecurity reporting.
  • Review system architecture, authorization boundaries, network diagrams, data flows, and system changes to ensure continued compliance.
  • Prepare and brief cybersecurity status, risks, and authorization recommendations to senior Government stakeholders.
  • Support implementation of Zero Trust Architecture (ZTA), cloud security, and secure system engineering principles where applicable.

Requirements

  • Active Top Secret Security Clearance (SCI eligibility preferred)
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or related field (or equivalent experience)
  • Minimum 8 years supporting DoD cybersecurity program
  • Minimum 5 years supporting DoD RMF and Assessment & Authorization activities
  • Experience supporting U.S. Army or other DoD cybersecurity programs
  • Experience managing multiple RMF authorization packages simultaneously
  • Excellent written, verbal, and presentation skills

Qualifications

  • Required Knowledge & Experience
  • Department of Defense Risk Management Framework (RMF)
  • U.S. Army RMF implementation
  • NETCOM RMF Business Rules and authorization processes
  • Continuous Monitoring (ConMon)
  • Vulnerability Management
  • Security Control implementation
  • Security Assessments and Authorization (A&A)
  • System Security Plans (SSP)
  • POA&M management
  • Security documentation development
  • Cybersecurity governance and compliance
  • eMASS, Xacta, or equivalent GRC tools
  • Microsoft Windows, Linux, virtualization, and enterprise networking
  • Cloud environments supporting FedRAMP and DoD Cloud SRG (preferred)

Similar jobs