Information Systems Security Manager (ISSM)

Zachary Piper
Colorado Springs, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 160K

Job location

Colorado Springs, United States of America

Tech stack

Xacta
Microsoft Windows
Computer Security
Information Systems
Disaster Recovery
Information Security Management
SAP Applications
Security Content Automation Protocol
Virtualization Technology
Nessus
Splunk
Plan of Action and Milestones
VMware

Job description

  • Lead activities required to obtain and maintain Authority to Operate (ATO) approvals for classified information systems
  • Ensure compliance with Department of Defense (DoD), Risk Management Framework (RMF), CNSSI, NIST, and applicable cybersecurity policies and directives
  • Perform vulnerability and risk assessments supporting authorization and accreditation efforts for classified systems
  • Develop, maintain, and update RMF documentation including System Security Plans (SSP), System Assessment Plans (SAP), Risk Assessment Reports (RAR), Security Control Traceability Matrices (SCTM), Plans of Action and Milestones (POA&M), and Continuous Monitoring (ConMon) Plans
  • Coordinate with program security officers and government security officials regarding approvals for External Information Systems and system interconnections
  • Conduct periodic reviews and evaluations of information system security policies, standards, and procedures
  • Support and coordinate Information System Security Assessments, testing activities, and security reviews
  • Evaluate and process hardware and software requests through appropriate security review processes

Requirements

  • Bachelor's degree (preferably Information Security, Cybersecurity, or related field)

  • 9+ years of experience supporting cybersecurity, information assurance, system administration, or related disciplines (7 years with a Master's degree)

  • Experience with Risk Management Framework (RMF), NIST standards, CNSS requirements, cybersecurity risk management methodologies, and compliance processes

  • Experience supporting Program Security disciplines including OPSEC, Program Protection, Personnel Security, Security Training and Education, and Classification Management

  • Experience working within SAP and/or SCI environments

  • Experience controlling, labeling, scanning, and transferring data between information systems operating at various classification levels

  • Willingness to support nomination for Sensitive Compartmented Information (SCI), Special Access Programs (SAP), and Polygraph requirements

  • Possession of certification(s) meeting or exceeding DoD 8140 IAT Level II requirements (e.g., Security+, CISSP)

  • Experience supporting Windows-based environments with working knowledge of Linux operating systems

  • Master's degree in Cybersecurity, Information Security, or related security discipline

  • Experience using DoD cybersecurity and compliance tools including eMASS, XACTA, ACAS, STIGs, Nessus, SCAP, and Splunk

  • Knowledge of JSIG, ICD 503, NIST RMF, NIST, and Assessment & Authorization (A&A) processes

  • Experience supporting Incident Response and Disaster Recovery activities

  • Experience developing and maintaining security plans, procedures, and certification artifacts

  • Familiarity with virtualized infrastructure technologies such as VMware

  • Experience conducting security audits and formal information system assessments

  • Extensive experience administering and securing Windows-based information systems

  • Understanding of Contractor Program Security Officer (CPSO) responsibilities including PERSEC, PHYSEC, visitor control, facility security, and security education programs

  • Familiarity with DD254 requirements and support of government contracts

Benefits & conditions

$120,001 - $160,000

Medical, Dental, Vision, 401(k), Paid Time Off, Holiday Pay, Sick Leave as required by state law, and additional employee benefit offerings

ISSM, Information Systems Security Manager, Cybersecurity, Information Assurance, RMF, NIST, CNSSI, ATO, Accreditation, Authorization, eMASS, XACTA, ACAS, Nessus, STIG, Splunk, SAP, SCI, DoD, Security+, CISSP, Incident Response, Continuous Monitoring, Vulnerability Management, Linux, Windows, VMware, Program Security, Space Force, Space Systems Command, Colorado Springs, Government Consulting, Classified Systems, Information Protection

About the company

Zachary Piper Solutions is seeking an to support a premier defense and aerospace program in . The ISSM will manage all facets of the Information Protection Program supporting secure operating facilities and classified information systems. This role is responsible for accreditation, compliance, continuous monitoring, and operational security activities across multiple classification levels. The successful candidate will provide technical leadership, cybersecurity oversight, and information assurance expertise to ensure mission success while supporting critical space defense initiatives.

Apply for this position