Classified Information Systems Security Manager; Onsite
Listed on 2026-02-16
IT/Tech
Cybersecurity, Information Security
U.S. Citizen, U.S. Person, or Immigration Status Requirements:
Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Security Clearance Type: DoD Clearance: Secret
Security Clearance Status: Active and existing security clearance required on day 1
The Information Systems Security Manager (ISSM) serves as the primary cybersecurity authority for assigned classified and controlled information systems. This role is responsible for the end-to-end execution and oversight of cybersecurity activities in compliance with applicable U.S. Department of Defense (DoD) laws, regulations, and contractual requirements. As an advanced individual contributor, the ISSM independently leads system authorization, continuous monitoring, inspection readiness, and risk management activities, while providing technical oversight and mentorship to Information Systems Security Officers (ISSOs) and maintaining accountability for cybersecurity outcomes.
Responsibilities include implementing and sustaining cybersecurity requirements defined by government frameworks and guidance, including the Risk Management Framework (RMF), Joint Special Access Program Implementation Guide (JSIG) for SAP systems, NIST publications, NISPOM, the DCSA Assessment and Authorization Guide (DAAG), and associated assessment and authorization guidance.
What YOU will do:
Independently own cybersecurity responsibilities for assigned information systems, ensuring security objectives are achieved and organizational risk is effectively managed.
Serve as the primary cybersecurity authority for inspections, assessments, audits, and continuous monitoring, leading preparation, execution, and response activities to maintain authorization and inspection readiness.
Execute and maintain system authorization using the Risk Management Framework (RMF) and applicable guidance, including the Joint Special Access Program Implementation Guide (JSIG) for Special Access Program systems and the DCSA Assessment and Authorization Guide (DAAG) for DoD collateral systems.
Maintain awareness and working knowledge of DD Form 254s and contractual security requirements, ensuring cybersecurity controls, inspection scope, and authorization boundaries align with approved mission and program objectives.
Develop, maintain, and validate cybersecurity plans, authorization artifacts, and compliance documentation to support audit-ready operations.
Identify, assess, and communicate cybersecurity risk to senior leadership and Authorizing Officials, including the impact of system changes, vulnerabilities, inspection findings, and authorization conditions.
Lead continuous monitoring activities, including evaluation of security posture, validation of control effectiveness, and tracking of security-relevant data.
Develop, manage, and drive closure of Plans of Action and Milestones (POA&Ms) resulting from inspections, assessments, and continuous monitoring activities.
Lead and oversee cybersecurity Change Control Boards (CCBs), evaluating proposed system changes for security impact, authorization implications, and alignment with RMF requirements.
Execute or coordinate corrective and protective security actions resulting from inspections, continuous monitoring, or identified cybersecurity incidents.
Engage with Program Managers to integrate cybersecurity requirements into program execution, schedules, and decision-making, and to address risk impacts to cost, scope, and mission delivery.
Collaborate with cross-functional teams, including Information Technology, Facilities, and Industrial Security, to ensure cybersecurity requirements are integrated into technical, physical, and operational environments.
Coordinate with other cybersecurity teams across the enterprise to ensure consistent implementation of cybersecurity processes, standards, and authorization practices.
Provide technical direction and mentoring to ISSOs to ensure consistent execution of RMF activities,…