Industrial Security Specialist III; ISSM
Listed on 2026-05-21
IT/Tech
Cybersecurity, Information Security
The Information System Security Manager (ISSM) is the primary cybersecurity authority for the assigned classified information system. This role is responsible for the end-to-end security oversight, from system authorization to continuous monitoring, ensuring 100% compliance with DoD 8510.01 (RMF) and 32 CFR Part 117 (NISPOM). You will serve as the strategic advisor to the Facility Security Officer (FSO) and government partners, bridging the gap between technical IT operations and overarching industrial security goals.
Beyond standard oversight, this role serves as the Lead Coordinator for the architecture, build‑out, and certification of the classified information system. You will be responsible for synchronizing technical engineering, physical security requirements, and government accreditation to ensure the system reaches Full Operational Capability (FOC).
This position requires you to be able to obtain a government security clearance. You must be a US Citizen for consideration, and you must be able to obtain an interim security clearance and start employment within 45 days of the interim security clearance being granted. For more information regarding the security clearance process, please visit Investigations & Clearance Process. All offers are conditional until interim security clearance is granted by DCSA (Defense Counterintelligence and Security Agency).
Key Responsibilities
Safety Leadership
- Ensure consistent departmental safety standards and procedures across facilities.
- Address systemic safety concerns and implement standardized solutions.
- Perform Security Impact Analysis for all proposed system modifications to ensure they do not negatively affect the authorized security posture.
- Develop and maintain comprehensive System Security Plans (SSP), Risk Assessment Reports (RAR), and Security Control Traceability Matrices (SCTM) within eMASS.
- Oversee technical security scans using ACAS/Nessus and ensure all hardware and software adhere to DISA STIGs (Security Technical Implementation Guides).
- Assist with investigations into security violations, malicious activity, or classified data spills, coordinating directly with the FSO and relevant government agencies.
- Orchestrate the Assessment and Authorization (A&A) lifecycle for a classified information system, serving as the primary technical advisor to the Authorizing Official (AO).
- Manage the lifecycle of Plans of Action and Milestones (POA&Ms), ensuring all findings are tracked, mitigated, and reported through official government channels.
- Develop and deliver annual security awareness training and specialized briefings for privileged and general users.
- Partner with the Facility Security Officer (FSO) to provide guidance on general security issues.
- Maintain audit‑ready records and lead preparations for government security reviews.
- Other duties assigned by the FSO related to any responsibility of BIW’s Industrial Security program.
- Implement a robust Continuous Monitoring (CONMON) strategy to detect unauthorized changes or anomalies in the authorized security baseline.
- Ensure automated audit trails are collected and reviewed.
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related technical field. (Equivalent professional experience may be considered in lieu of a degree).
- Minimum of 4-6 years of experience in Information Assurance (IA) or Cybersecurity, with specific experience managing systems under the Risk Management Framework (RMF).
- Demonstrated expertise in NIST SP 800-53, 32 CFR Part 117 (NISPOM), and Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Guide (DAAG).
- IAM Level II or III: Must possess a current baseline certification in good standing. Valid certifications include CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CGRC / CAP (Certified in Governance, Risk, and Compliance), and CASP+ (CompTIA Advanced Security Practitioner).
- Ability to obtain a secret clearance or…