Information Systems Security Manager

• 8+ years of combined experience working in defensive/offensive cybersecurity, information assurance, penetration testing, software engineering, or related field.
• You have knowledge of the Department of Navy and Naval Air Systems Command (NAVAIR), to include digital infrastructure/environments, DevSecOps, Continuous Integration/Continuous Development (CI/CD), software factories, cloud-native containerized applications, Risk Management Framework (RMF), continuous Authority to Operate (cATO)., * Proven experience in designing, implementing, and maintaining multi-level security architectures across cloud, infrastructure, and platform applications.
• Deep proficiency in configuring and managing industry-standard security tools, including firewalls, intrusion detection systems (IDS), and
• Strong background in DevSecOps, with the ability to integrate and automate cybersecurity within CI/CD pipelines.
• Hands-on experience with security monitoring, log analysis, threat intelligence, and digital forensics to identify and respond to system anomalies.
• Expert knowledge of the Risk Management Framework (RMF) and Department of War (DoW) cybersecurity directives, including system categorization and continuous monitoring.
• Demonstrated ability to lead the full Authorization to Operate (ATO) lifecycle and manage System Security Plans (SSPs) in accordance with federal regulations.
• Extensive experience conducting security risk assessments, penetration testing, and compliance audits.
• Skilled in developing and enforcing organizational security standards, policies, and procedural documentation.
• Ability to serve as a primary cybersecurity advisor to senior leadership, engineering teams, and external stakeholders.
• Proven leadership in mentoring information security teams and coordinating cybersecurity requirements with external agencies and vendors.
• Strategic thinker capable of analyzing emerging threat vectors and adjusting security measures to maintain a robust security posture.
• Strong communication skills, with experience preparing and delivering high-level briefings and metrics on cyber readiness to key stakeholders.
• Experience with cloud security (e.g. AWS, Azure GCP).
• Familiarity with DevSecOps/Platforms such as AWS (S3, RDS, EC2, ECS, Lambda, SQS, SNS, CloudFormation, etc.), Azure (Azure App Service, Azure Functions, Azure Storage, Azure SQL Database, etc.), Docker, Ansible and experience with DevSecOps tools such as GitHub and Jenkins.
• Experience with on-premise compute infrastructure and networks.
• Experience in Agile development methodologies.
• Experience with defending against known attack vectors.
• In-depth knowledge of security frameworks, standards, and guides (e.g. RMF, NIST, CIS, STIGs, FIPS, etc.).

Education:

BS in Computer-Science field.

Certification Requirements:

IAM level 2- CISSP, CASP CE+, CGRC, or CISM

Even better if you have these desired skills:

• Data Operations (DataOps), Artificial Intelligence / Machine Learning Operations (AI/MLOps)
• Experience supporting electronic warfare systems.
• Familiarity with software development and DevSecOps integration.
• Awareness of aviation platforms and weapon systems.
• Experience with Multi-Level Security (MLS) or Cross Domain Solutions (CDS).
• MS in Computer-Science or Cybersecurity field.

Clearance Requirements:

Must possess a Top Secret clearance with SCI/SAP eligibility.

#LI-AC1

#LI-Onsite