Information System Security Manager/Officer (ISSM/O)

The Information System Security Manager/Officer (ISSM/O) works as part of a team to provide cybersecurity support to an Air Force Materiel Command (AFMC) customer at Wright-Patterson AFB, Ohio. This position is responsible for ensuring information systems meet cybersecurity requirements and achieve Risk Management Framework (RMF) assessment and authorization within the Science and Technology (S&T) Authorizing Official (AO) boundary. Telework is not an option. These positions require the ability to work in a fast-paced, mission-critical environment with strict security. The successful candidate must demonstrate commitment to continuous learning and professional development to maintain currency with evolving technology and security landscapes., Risk Management Framework (RMF) Process Management:

• Manage RMF processes to achieve system authorization primarily within S&T AO boundary
• Develop proactive planning strategies and efficient documentation processes
• Coordinate closely with system owners, authorizing officials, SCAs, and SCARs
• Develop and submit complete and accurate RMF packages that meet all applicable requirements
• Achieve Authority to Operate (ATO) or Interim Authority to Test and Evaluate (IATT) within reasonable timelines established with Government

Security Control Implementation & Support:

• Implement and maintain security controls aligned with sustainment requirements
• Develop and update System Security Plans (SSPs) and control family plans
• Create and maintain directorate cybersecurity policies
• Remediate vulnerabilities identified by SCAs/SCARs within established timelines
• Ensure Continuous Monitoring (ConMon) compliance
• Facilitate smooth transition to sustainment ownership and operation

Risk Management Support:

• Support risk management activities by providing documentation to SCAs/SCARs
• Develop and maintain risk management plans in coordination with assessment teams
• Serve as cybersecurity liaison between project teams and AO boundary representatives
• Assist project teams in creating and submitting RMF packages
• Support SCAs/SCARs with technical questions and documentation requirements

Security Documentation Management:

• Prepare and maintain required security documentation (SSPs, POA&Ms, etc.)
• Ensure documentation accuracy and compliance with applicable regulations
• Maintain version control processes and change management procedures
• Develop security-relevant documentation for future sustainment teams
• Create clear and complete documentation for system transitions

Policy & Compliance Management:

• Maintain current awareness of cybersecurity threats and vulnerabilities
• Ensure compliance with DoD, Air Force, and local security policies and directives
• Stay current on security guidance and ensure system compliance
• Monitor and report on ongoing compliance activities

Incident Response Support:

• Support incident response activities including investigation, containment, eradication, and recovery
• Document incident response processes and procedures for sustainment
• Maintain familiarity with existing Incident Response Plans (IRP) for supported systems
• Provide effective and efficient incident response support

Continuous Monitoring & Analysis:

• Implement and maintain continuous monitoring processes for ongoing security compliance
• Design monitoring processes for sustainable execution after transition to sustainment
• Develop and implement monitoring strategies
• Analyze security logs and report on security status
• Create sustainable monitoring frameworks for long-term system operation

Additional Security Duties:

• Support implementation of new security technologies and processes
• Assist with security awareness training programs
• Participate in security audits and assessments
• Support development of security-related standard operating procedures
• Attend regular cybersecurity meetings (weekly, monthly, quarterly)
• Organize cybersecurity-focused team meetings for RMF activities

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
• Minimum 5-7 years' experience in information security and risk management
• Extensive experience with DoD RMF processes and NIST cybersecurity frameworks
• Experience with both classified and unclassified system authorization processes

Certifications & Training:

• Current DoD 8140.01 certification appropriate for ISSM/O role (typically IAM Level II or III)
• CISSP, CISA, or equivalent advanced cybersecurity certification preferred
• RMF-specific training and certification
• Continuous education to maintain certification currency

Clearance Requirements:

• Must possess or be able to obtain and maintain a Top-Secret security clearance
• Preference will be given to those with a current Top-Secret clearance

Technical Expertise:

• Deep understanding of NIST RMF process and NIST SP 800-53 security controls
• Proficiency with security assessment and authorization tools
• Knowledge of vulnerability management and remediation processes
• Experience with security control assessment and testing methodologies
• Understanding of continuous monitoring technologies and processes

Regulatory Knowledge:

• Thorough knowledge of DoD, Air Force, and AFRL cybersecurity policies
• Understanding of FedRAMP, FISMA, and other federal security requirements
• Familiarity with multi-service (Army, Navy, Air Force) cybersecurity requirements
• Knowledge of privacy and data protection regulations

Communication & Leadership Skills:

• Excellent written and verbal communication skills for technical and non-technical audiences
• Ability to effectively communicate security posture, risks, and RMF progress
• Strong collaboration skills for working with diverse stakeholders
• Leadership capabilities for organizing and conducting team meetings
• Ability to translate complex security requirements into actionable plans

Performance Standards:

• Achieve system authorizations within agreed-upon reasonable timelines
• Maintain 100% compliance with applicable security policies and directives
• Provide complete and accurate security documentation meeting all requirements
• Effectively support incident response activities when required
• Successfully implement and maintain continuous monitoring processes

Special Considerations:

• Position may require support across multiple AO boundaries based on program evolution
• Must be adaptable to changing cybersecurity landscape and emerging threats
• Requires coordination with sustainment teams for seamless system transitions
• May need to support complex systems requiring extensive documentation or remediation with adjusted timelines

We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

Koniag Tech Infrastructure Solutions, LLC a Koniag Government Services company, is seeking an Information System Security Manager/Officer (ISSM/O) with TS/SCI security clearance to support KTIS And our government customer at Wright-Patterson AFB, OH., Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com. Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352