Jobs · Information Technology · Virginia

Information Systems Security Manager (ISSM), Senior

CGI · Arlington, VA · 9 mo ago
Information Technology$100k–$200k/yrFull-time

About the role

The Information System Security Manager (ISSM) at CGI Federal plays a pivotal role in advancing the national security mission through cutting-edge technology. Reporting to senior management, the ISSM is responsible for developing, implementing, and maintaining an organization's information security program. They oversee day-to-day security operations, manage risk assessments and incident response, ensure compliance with government regulations, and advise leadership on the security posture.

Responsibilities

  • Oversee daily security operations for both classified and unclassified systems, ensuring policies and procedures are established and followed.
  • Conduct risk assessments, vulnerability analyses, and investigations to identify and mitigate threats and vulnerabilities.
  • Implement and manage security plans, ensuring information systems comply with government regulations (like the Risk Management Framework - RMF) and maintain Authorization to Operate (ATO) status.
  • Create, review, and manage security-related documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and other cybersecurity artifacts.
  • Develop and implement incident response plans, oversee investigations of security breaches, and ensure proper measures are taken to address incidents and vulnerabilities.
  • Attract, retain, and develop a skilled cybersecurity team, and oversee the implementation of security policies by team members.
  • Manage the configuration of systems, hardware, and firmware to maintain security integrity and control changes to systems.
  • Advise senior management and stakeholders on the organization's security posture, risks, and cybersecurity requirements.
  • Develop and implement information security education and training programs to raise employee awareness of security issues.

Requirements

  • Education and/or Experience: Bachelor’s degree and/or 5 to 8 years of experience in information security.
  • Security Clearance: TS/SCI required with the ability to obtain a TS/SCI with Poly highly desired.
  • Technical Expertise: Proficiency in cybersecurity principles, risk management frameworks (like RMF), and security technologies.
  • Leadership: Ability to lead and develop a cybersecurity team.
  • Communication: Strong communication skills to advise leadership, interface with government agencies, and collaborate with various stakeholders.
  • Risk Assessment: Expertise in conducting technical and administrative assessments to evaluate security risks.
  • Regulatory Knowledge: Understanding of government regulations and compliance standards (such as DoD, NIST, FIPS, and CNSS policies) relevant to information systems security.

Similar jobs