Information Systems Security Manager
Firefly Aerospace · Cedar Park, TX · 2 wk ago
On-siteInformation TechnologyFull-time
Responsibilities
- Translate complex CNSSP 12 (National Information Assurance Policy for Space Systems) mandates into measurable system engineering requirements and architectural constraints.
- Cook up secure network architectures for ground and space segments, coordinate with system owners, space vehicle engineers, and DevOps teams to embed security controls into the SDLC.
- Conduct security impact assessments, threat modeling, and risk assessments on proposed space vehicle architectures and system changes.
- Manage the full system life cycle accreditation processes under NIST SP 800-37 Rev. 2, driving systems through the RMF to secure Authorities to Operate (ATO).
- Develop and maintain critical accreditation documentation, including System Security Plans (SSPs), POAMs, and Security Assessment Reports (SARs).
- Provide regular status reports, continuous monitoring metrics, and compliance briefings to senior management and government Authorizing Officials (AOs).
- Ensure system configurations continuously comply with DISA STIGs and DoD Security Technical Implementation Guides.
- Lead and manage the corporate-wide cybersecurity compliance initiatives, ensuring strict adherence to NIST SP 800-171, NIST SP 800-53 and Space Policy Directive 5 (SPD – 5) across enterprise.
- Manage a diverse, multi-location Information Assurance team, setting goals, driving accountability, and mentoring security personnel.
- Support incident response activities, ensure timely reporting to government stakeholders (e.g., DCSA), and lead tabletop exercises to evaluate and improve cross-functional readiness.
- Oversee red-teaming and penetration testing activities to uncover vulnerabilities and ensure network resilience.
Qualifications
- BS or MS degree in Computer Science, Cybersecurity, Information Technology, or a related technical discipline.
- At least 10 years of experience in information assurance, cybersecurity compliance, or risk management within the aerospace, federal, or DoD contracting environment.
- Demonstrated expertise in applying NIST SP 800-37 Rev. 2 (RMF), Space Policy Directive 5 (SPD – 5), NIST SP 800-171, NIST SP 800-53, and FISMA standards.
- Hands-on experience with DoD security tools (e.g., eMASS, ACAS, HBSS, SPRS).
- Exceptional leadership and communication skills to effectively interface with technical and non-technical executive stakeholders.
- Direct experience acting as an ISSM or Security Control Assessor (SCA) for space-based systems.
- Familiarity with satellite telemetry, tracking, and commanding (TT&C) encryption and security requirements.
- Hands-on experience executing a CMMC Level 2 implementation.
- Active clearance or ability to obtain and maintain clearance.
- Experience with requirements management platforms (e.g., Jama, DOORS) used in systems engineering.
Benefits
- Outstanding benefits for employees, including generous health, dental and vision plans with low plan deductibles, parental leave, educational reimbursement, short term disability, and flexible PTO options.