Senior ISSM

Job#: 3033138

Job Description:

Location:

Fairfax, Virginia

Work Arrangement:
Hybrid

Employment Type:

Permanent/Direct-Hire

We are seeking a seasoned Senior Information System Security Manager (ISSM) to support cybersecurity for a hybrid enterprise environment spanning cloud and on-premise systems. This role is responsible for managing the Cybersecurity Program, ensuring compliance, managing risk, and maintaining the security posture of information systems. The ISSM will navigate the Risk Management Framework (RMF), assess the security of existing solutions, and architect hybrid approaches to optimize system capabilities while maintaining robust cybersecurity defenses.

• Lead the creation and enforcement of enterprise-wide security policies, standards, and procedures to ensure compliance with federal mandates.
• Oversee the full execution of the RMF process, including system categorization, security control selection, and continuous monitoring.
• Coordinate the preparation and maintenance of System Security Plans (SSP) and assessment packages to secure and maintain formal system authorizations to operate (ATO).
• Lead vulnerability assessments, prioritize remediation activities, and interpret technical threats for executive leadership.
• Direct high-level incident response efforts, ensuring proper forensic investigations and post-event analysis.
• Manage and mentor Information System Security Officers (ISSOs) and other cybersecurity professionals.
• Translate complex technical security challenges into business risk language for senior leadership.
• Act as the primary point of contact for external auditors, government customers, and regulatory bodies.
• Support business development activities by enabling secure system authorizations and ensuring compliance with CMMC and DFARS requirements.

Clearance:
Candidates must be able to obtain and/or maintain a Department of Defense (DoD) Top Secret (TS) Security Clearance as a condition or continuation of employment.

Education:

A Bachelor's degree in Computer Science, Cybersecurity, Information Systems Management, or a similar STEM discipline is required.

Experience:

16+ years in cybersecurity, information assurance, or IT security is required, with 8+ of those years in a senior leadership, ISSM, or Security Architect role. Candidates must have an active Top Secret security clearance.

• Active IAT or IAM Level III certification (e.g., CISSP, CISM, CASP+).
• Proficiency with NIST SP 800-53, NIST RMF SP 800-37, CNSSI No. 1253, NISPOM, and DCSA DAAPM.
• Experience with the full RMF lifecycle, network architecture, cloud security (FedRAMP), and data protection.
• Knowledge of threat modeling, vulnerability management, and incident response leadership.
• Familiarity with compliance tools such as eMASS, XACTA, ACAS/Tenable Nessus, SCAP, and STIGs/SRGs.
• Demonstrated knowledge of Windows Domain and Linux systems architectures.
• U.S. Citizenship is required.

• A Master’s degree in a STEM discipline.
• Expertise with artificial intelligence and machine learning (AI/ML) systems.
• Hands-on experience with Atlassian’s Jira and Confluence.

The anticipated salary range for this position is $ to $ annually. This employer offers a comprehensive benefits package.

Our organization is a leading provider of technology solutions, supporting critical national security missions. We value operational security and foster a culture of innovation and continuous improvement. We are committed to aligning our initiatives with our strategic goals and objectives.

This employer is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.