Information Systems Security Manager (ISSM)
Sev1Tech LLC · Denver, CO · 1 wk ago
Information Technology$154k–$192k/yrFull-time
About the role
Entarian is seeking an experienced Information System Security Manager (ISSM) responsible for ensuring the cybersecurity posture, compliance, and accreditation of assigned information systems in accordance with applicable government and organizational requirements.
Responsibilities
- Exercise cybersecurity management authority over assigned information systems, ensuring security requirements are effectively implemented, maintained, and continuously monitored throughout the system lifecycle.
- Lead and manage the complete Risk Management Framework (RMF) lifecycle, including system categorization, security control selection and implementation, assessment, authorization, continuous monitoring, and ongoing risk management.
- Oversee and coordinate Interim Authorization to Test (IATT), Authorization to Operate (ATO), Authorization to Connect (ATC), and other authorization activities, ensuring timely development, submission, and maintenance of accreditation packages.
- Develop, maintain, and review System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), security policies, procedures, continuous monitoring documentation, and other RMF artifacts.
- Provide technical oversight, mentorship, and quality assurance for Information System Security Officers (ISSOs) supporting day-to-day cybersecurity operations.
- Serve as the primary cybersecurity liaison with the Authorizing Official (AO), Security Control Assessor (SCA), system owners, and government stakeholders, providing clear communication regarding system risk, compliance status, vulnerabilities, and authorization recommendations.
- Conduct and oversee cybersecurity risk assessments, vulnerability assessments, security impact analyses, remediation planning, and POA&M management to reduce organizational risk.
- Cover and maintain security controls during system design, integration, testing, deployment, and sustainment.
- Support cybersecurity engineering activities throughout system design, integration, testing, deployment, and sustainment.
- Prepare for and support cybersecurity audits, inspections, assessments, and compliance reviews conducted by government organizations and external assessors.
- Support incident response activities, cybersecurity investigations, and reporting requirements while ensuring appropriate documentation and corrective actions are completed.
- Develop and deliver cybersecurity awareness guidance and training for system users and technical personnel.
- Prepare executive-level cybersecurity briefings, risk assessments, compliance reports, and technical recommendations supporting senior government decision-makers.
Qualifications
- Active Top Secret security clearance with SCI eligibility.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related technical discipline. Equivalent experience may be considered.
- Minimum fifteen (15) years of experience supporting cybersecurity, information assurance, or information system security activities within Department of Defense, Intelligence Community, or other federal environments.
- Minimum fifteen (15) years of experience implementing and managing the Risk Management Framework (RMF), including NIST SP 800-37, NIST SP 800-53, CNSSI guidance, and DoD authorization processes.
- Demonstrated experience leading Authorization to Operate (ATO), Interim Authorization to Test (IATT), and continuous monitoring activities for classified or mission-critical information systems.
- Demonstrated experience supervising, mentoring, or managing Information System Security Officers (ISSOs) or cybersecurity teams.
- Strong understanding of secure systems engineering principles, vulnerability management, configuration management, and cybersecurity risk management.
- Experience supporting cybersecurity activities across complex enterprise, cloud, communications, mission operations, or space systems environments.
- Experience coordinating with system owners, engineering organizations, cybersecurity stakeholders, and government authorizing officials.
- DoD 8140 (or legacy DoD 8570) compliant cybersecurity certification such as CISSP, CISM, CAP, Security+, or another qualifying certification.
- Proficiency with Microsoft Office Suite, including Word, PowerPoint, Excel, Project, and Outlook.
- Ability to travel approximately 25% to support customer locations, mission partner engagements, cybersecurity assessments, and operational activities.
Pay
$154,000.00 - $192,000.00