Lead Cybersecurity Engineer / Information Systems Security Manager (ISSM), TS/SCI

Blue Sky Innovators
Reston, United States of America
15 days ago

Role details

Contract type: Permanent contract
Employment type: Full-time (> 32 hours)
Working hours: Regular working hours
Languages: English
Experience level: Senior

Job location

Reston, United States of America

Tech stack

Xacta
Software Applications
Systems Engineering
Configuration Management
Computer Security
Software Debugging
Monitoring of Systems
IT Management
Information Systems Security Architecture Professional
Systems Development Life Cycle
SAP Applications
Secure Coding
Software Engineering
Software Systems
Systems Integration
Information Security Management System
Information Technology
DevSecOps
Vulnerability Analysis

Job description

Seeking a Lead Cybersecurity Operations Engineer / Information Systems Security Manager (ISSM) to serve as a subject matter expert (SME) supporting the Department of the Air Force. You will work directly with government, technical, and industry stakeholders to shape cybersecurity strategy, drive secure architecture, ensure RMF/ATO compliance, and manage cyber risk for mission-critical capabilities. You will play a crucial role in providing recommendations for the resiliency and availability of DoW software systems pertaining to space, establishing best practices for securing the supply chain, and enabling effective processes and procedures to protect the nation's space programs.

The ISSM shall assume primary responsibility for the execution of the Risk Management Framework (RMF) lifecycle. The program is currently integrating 4 prototypes into 2 major sub-systems (Orchestration and Execution), with an initial priority on accrediting the Execution subsystem's development and operational environment. This role executes the day-to-day ISSM workload (including ATO package generation, control selection, and artifact management) as the Government Technical Advisor. The Government will continue to provide oversight, direction, and approval authority as required by law.

Typical job responsibilities include:

  • Lead the design and implementation of cybersecurity controls across multi-domain systems.
  • Serve as the program ISSM, guiding systems through the RMF, including Preparation, Categorization, Control Selection, Implementation, and Assessment.
  • Manage all ATO activities using XACTA 360, including entering Control Correlation Identifiers (CCIs) and uploading evidence.
  • Develop a security boundary integration strategy; analyze and document the security posture of component prototypes and develop an inheritance strategy to align with the program roadmap.
  • Author and maintain all security documentation, including the System Security Plan (SSP), Security Assessment Plan (SAP), Security Control Traceability Matrix (SCTM), and all supporting artifacts required for an Authority to Operate (ATO).
  • Manage the Plan of Action and Milestones (POA&M) for the integrated system and develop a continuous monitoring strategy, coordinating remediation efforts with government and development teams.
  • Support secure architecture and integration for cloud-based development and operations environments.
  • Lead and mentor other cybersecurity and ISSO personnel.
  • Provide security engineering expertise in areas such as cryptography, cross-domain solutions, system integration, and secure infrastructure.
  • Advise program leadership on cybersecurity posture, risks, and system readiness through regular readiness briefings.

Requirements

  • 14 years of experience and a Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or a related discipline; or a Master's degree and 12 years of experience; or a PhD/JD and 9 years of experience.
  • 6+ years of Cybersecurity, ISSM, or ISSO experience in SAP/SCI or DoD environments.
  • Experience with system security engineering, vulnerability assessment, and secure system development.
  • DoD 8140 (722) Information Systems Security Manager - Intermediate certification (e.g., CGRC/CAP, CASP+, CCSP, Cloud+, SSCP, Security+, or GSEC).
  • Experience in supporting and/or managing technical programs throughout the software engineering life cycle.
  • Requires an active Top Secret clearance with the ability to obtain and maintain Sensitive Compartmented Information and Special Program access, as well as a willingness to consent to a polygraph examination.

You will wow us even more if you have experience with the following:

  • Advanced 8140 (722) certification (e.g., CISM, CISSP, CISSP-ISSMP, GCIA, GCIH, GSLC, GICSP).
  • Experience scaling prototype capabilities into operational enterprise systems.
  • Experience securing space mission systems, cloud/DevSecOps environments, or C2 systems.
  • Knowledge of secure Software Development Lifecycle, configuration/change management, and enterprise cyber monitoring tools.
  • Understanding of enterprise IT change and configuration management policies.
  • Experience with design, development, documentation, testing, and debugging of application software using secure coding practices.
