×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Information System Security Manager

Job in Bloomington, Hennepin County, Minnesota, USA
Listing for: Polar Semiconductor
Full Time position
Listed on 2026-04-20
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly USD 125000.00 150000.00 YEAR
Job Description & How to Apply Below

Position Summary

We are seeking a highly skilled and self‑directed Information System Security Manager (ISSM) to serve as the cybersecurity authority for an organization of approximately 600 employees. This individual will function as the ISSM/ISSO, collaborating with respective teams on the full lifecycle of information system security — from daily operational execution to long‑term strategic planning and enterprise risk management. The organization handles Controlled Unclassified Information (CUI) as its primary data classification, with additional responsibilities for ITAR and EAR regulated data, and a long‑term trajectory to extend operations into classified environments.

The successful candidate will build, maintain, and mature the cybersecurity program across all of these domains. This is a leadership‑level individual contributor role with significant organizational visibility and autonomy.

DoD 8140 / DCWF Alignment

This position maps to the DCWF Work Role 722 — Information Systems Security Manager within the Oversee and Govern (OV) category, Cybersecurity Management specialty area. Candidates must meet or be prepared to meet the following DoD 8140.03 qualification requirements.

Key Responsibilities
  • Serve as the single ISSM/ISSO for the organization; own system authorization, continuous monitoring, and Plan of Action & Milestones (POA&M) management across all information systems.
  • Implement, assess, and maintain security controls aligned with NIST SP 800‑53 (Rev.
    5), NIST SP 800‑171, and CMMC Level 2+ requirements.
  • Harden endpoints, servers, and network infrastructure using DISA STIGs and CIS Benchmarks; manage deviation requests and document compensating controls.
  • Conduct and coordinate vulnerability scanning, remediation tracking, audit log reviews, and incident response activities.
  • Manage and maintain System Security Plans (SSPs), security assessment reports, risk assessments, and all authorization artifacts.
  • Monitor security tooling (SIEM, vulnerability scanners, endpoint protection, DLP) and ensure operational effectiveness.
  • Execute ongoing continuous monitoring activities consistent with NIST SP 800‑137 and organizational CONMON strategies.
  • Develop and drive the organization’s multi‑year cybersecurity strategy and roadmap, including CMMC certification readiness, classified environment standup, and CUI protection program maturity.
  • Author, review, and maintain cybersecurity policies, standards, and procedures aligned with federal regulations.
  • Provide cybersecurity risk assessments and recommendations to senior leadership; translate technical risk into business impact.
  • Lead the organization through CMMC assessment preparation and serve as the primary point of contact for C3

    PAO assessors and DIBCAC reviews.
  • Plan and oversee the transition from CUI‑only operations to classified processing capability, including infrastructure design and policy development.
  • Develop and deliver cybersecurity awareness training for all 600+ employees, including role‑based training for privileged users and executives.
  • Manage relationships with external auditors, assessors, government customers, and regulatory bodies.
Required Qualifications Education & Experience
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline. Equivalent combination of education, certifications, and direct experience will be considered.
  • 7+ years of progressive experience in information security, with at least 3 years in an ISSM or senior‑level ISSO role.
  • Demonstrated experience operating as a sole security practitioner or leading security functions with minimal oversight.
Technical Knowledge — Required
  • Policy Development:
    Demonstrated ability to author clear, enforceable security policies and communicate them effectively to technical and non‑technical audiences.
  • NIST SP 800‑53 (Rev.
    5):
    Deep knowledge of control families; ability to select, implement, assess, and monitor controls for moderate‑to‑high baseline systems.
  • NIST SP 800‑171 / CMMC:
    Hands‑on experience implementing the 110 CUI security requirements and preparing an organization for CMMC Level 2 assessment.
  • DISA STIGs:
    Proficiency in applying,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search