Information Systems Security Manager

The Information System Security Manager is responsible for applying and documenting Information System (IS) security principles, practices, and procedures under the Risk Management Framework (RMF) to maintain compliance with applicable security regulations.

Requirements

• Achieve and maintain Authorization to Operate for classified information systems
• Manage Risk Management Framework (RMF) process
• Lead and support security assessments and audits
• Perform tasks to meet continuous monitoring requirements such as audit log reviews, security patching, and hardware/software configuration
• Lead the organization's CMMC compliance program, ensuring alignment and adherence to DoD cybersecurity standards (NIST SP 800-171, etc.)
• Develop, document, and guide the implementation of practical, actionable information security policies, procedures, and controls aligned with CMMC and NIST standards (SSP, POAM, etc.)
• Continuously assess, refine, and manage the implementation of security controls across the enterprise architecture, using security metrics to drive improvements
• Provide clear technical guidance to the IT team on the implementation and operation of security measures
• Evaluate and recommend emerging cybersecurity technologies and best practices relevant to our environment
• Support the Facility Security Officer in other security disciplines such as COMSEC, physical security, document control, Insider Threat, OPSEC, and visit requests
• Perform other duties as assigned

Benefits

• Comprehensive Leave plan (Paid Time Off)
• Comprehensive Health Care package including Medical, Vision, Dental, Health Savings Account (HSA), and more
• 401 (k) retirement plan
• Paid Overtime
• Flex Time and Flexible Scheduling
• Opportunities to travel
• Tuition Reimbursement options
• Casual and relaxed work environment