(704) Cybersecurity Information System Security Manager (ISSM)

Arlo Solutions Llc
Orlando, United States of America
4 days ago

Role details

Contract type
Contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Orlando, United States of America

Tech stack

Xacta
Microsoft Windows
Systems Engineering
Cloud Computing
Cloud Computing Security
Computer Security
Information Systems
Linux
Information Security Management
Information Systems Security Architecture Professional
Network Diagrams
Smartsuite
Zero Trust Network Access
Data Streaming
Systems Architecture
Virtualization Technology
Software Vulnerability Management
Cloud Platform System
Information Technology
Plan of Action and Milestones

Job description

Arlo Solutions is seeking an experienced Information System Security Manager (ISSM) to support a U.S. Army customer in Orlando, Florida. This is a full-time on-site position responsible for managing the cybersecurity posture and Risk Management Framework (RMF) lifecycle for approximately 3-7 Army Information Systems supporting missions ranging from Controlled Unclassified Information (CUI) through classified environments. The ISSM serves as the primary cybersecurity advisor for assigned systems and is responsible for ensuring compliance with DoD RMF, Army Regulation (AR) 25-2, and U.S. Army NETCOM RMF policies, processes, and business rules. The position requires close coordination with Government leadership, Program Managers, Information System Owners, Security Control Assessors, engineers, and Authorizing Officials to maintain secure, compliant, and operationally ready systems throughout their lifecycle., * Serve as the Information System Security Manager (ISSM) for 3-7 assigned Army Information Systems.

  • Lead all phases of the DoD Risk Management Framework (RMF) lifecycle in accordance with NETCOM RMF guidance.
  • Develop, maintain, and manage Authorization Packages, including SSPs, POA&Ms, Security Categorization, Continuous Monitoring documentation, and supporting Body of Evidence.
  • Coordinate Authorization to Operate (ATO), Interim Authorization to Test (IATT), Authorization to Operate with Conditions (ATO-C), and reauthorization activities.
  • Manage Continuous Monitoring (ConMon) activities, vulnerability management, STIG compliance, ACAS review, and cybersecurity reporting.
  • Conduct cybersecurity risk assessments and recommend mitigation strategies supporting Authorizing Official (AO) risk decisions.
  • Coordinate Security Control Assessments (SCA) and remediation of assessment findings.
  • Review system architecture, authorization boundaries, network diagrams, data flows, and system changes to ensure continued compliance.
  • Manage Plans of Action & Milestones (POA&M) and track corrective actions through closure.
  • Provide cybersecurity guidance to system owners, engineers, administrators, and Government leadership.
  • Prepare and brief cybersecurity status, risks, and authorization recommendations to senior Government stakeholders.
  • Support implementation of Zero Trust Architecture (ZTA), cloud security, and secure system engineering principles where applicable.

Requirements

  • Active Top Secret Security Clearance (SCI eligibility preferred)
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or related field (or equivalent experience)
  • Minimum 8 years supporting DoD cybersecurity program
  • Minimum 5 years supporting DoD RMF and Assessment & Authorization activities
  • Experience supporting U.S. Army or other DoD cybersecurity programs
  • Experience managing multiple RMF authorization packages simultaneously
  • Excellent written, verbal, and presentation skills
  • Candidates should meet applicable DoD 8140 Cyber Workforce Qualification requirements.

Preferred certifications include one or more of the following:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • CompTIA CASP+
  • Certified Cloud Security Professional (CCSP)

Desired Qualifications:

Required Knowledge & Experience The successful candidate should possess experience with:

  • Department of Defense Risk Management Framework (RMF)
  • U.S. Army RMF implementation
  • NETCOM RMF Business Rules and authorization processes
  • Continuous Monitoring (ConMon) * Vulnerability Management
  • Security Control implementation
  • Security Assessments and Authorization (A&A)
  • System Security Plans (SSP)
  • POA&M management * Security documentation development
  • Cybersecurity governance and compliance
  • eMASS, Xacta, or equivalent GRC tools
  • Microsoft Windows, Linux, virtualization, and enterprise networking
  • Cloud environments supporting FedRAMP and DoD Cloud SRG (preferred) Minimum Qualifications

About the company

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.

Apply for this position