Information System Security Manager; ISSM

Information System Security Manager (ISSM)

Overview

LOCATION: Eglin AFB, FL

JOB STATUS: Full-time

CLEARANCE: Top Secret

CERTIFICATIONS: CISSP or CISM

TRAVEL: As needed

Astrion has an exciting opportunity for an Information Systems Security Manager (ISSM) to support our customers with Cybersecurity Integration in the 96th Test Wing at Eglin AFB, FL. The ISSM will serve as the principal advisor on all information systems security matters, operating at an organizational level with broad strategic responsibilities, including those supporting a large Infrastructure and Modernization effort for the Eglin 96th Test Wing.

• Masters degree in Computer Science, Information Systems, Cybersecurity, or a related field.
• Minimum of 10 years of experience as an Information System Security Manager or in a similar role, with demonstrated experience in managing cybersecurity programs in a DoD environment.
• * Must possess a FINAL (no interim) Top Secret clearance, with an investigation current within 6 years*. (SSBI, SSBI‑PR, or phased reinvestigation.)
• Deep understanding of DoD and Air Force cybersecurity policies, regulations, and standards including special access programs (SAP).
• Must possess one of the following certifications and must be current/maintained: CISSP or CISM.
• Deep understanding of information security principles, mechanisms, and best practices.
• Extensive knowledge of security frameworks and standards (e.g., NIST 800‑53, NIST Risk Management Framework, CNSS, JSIG).
• Expertise in risk management methodologies and security assessment techniques.
• Extensive experience with security assessment tools and techniques (e.g., vulnerability scanners, penetration testing).
• Strong understanding of network security concepts (e.g., firewalls, IDS/IPS, VPNs).
• Experience with cryptography, including encryption algorithms, key management, and digital signatures.
• Extensive experience with cloud security principles and practices (e.g., AWS, Azure, Google Cloud).
• Experience with security incident response and handling.
• Experience with SIEM systems and log analysis to identify potential threats.
• Strong communication and interpersonal skills, with the ability to effectively communicate technical information to both technical and non‑technical audiences.
• Ability to work independently and as part of a team.
• Will be some walking as we travel to site locations, some of which will be undeveloped or in construction.
• Occasional travel will be required.

• Experience working on a military range, with a demonstrated understanding of the unique cybersecurity challenges associated with such environments.

• Function as the principal advisor on all information systems security matters, operating at an organizational level with broad strategic responsibilities.
• Engage and interact with applicable stakeholders in all phases of the NIST RMF framework to achieve and maintain Authority to Operate (ATO).
• Develop, implement, and maintain the overall information security program for assigned systems and networks.
• Drive the consolidation and standardization of squadron ATO efforts to enhance overall operational efficiency.
• Collaborate extensively with other Information Assurance personnel to develop a comprehensive understanding of their ATO systems and solicit feedback for improvements.
• Develop and implement solutions and guidance that standardize, streamline, and improve squadron ATO processes.
• Engage with third‑party vendors under government contract(s) to meet the criteria required to achieve ATO modernization goals.
• Ensure security policies, standards, and procedures are aligned with federal mandates such as FISMA and NIST frameworks, as well as DoD and Air Force cybersecurity directives.
• Oversee risk management programs, compliance activities, security awareness and training initiatives.
• Serve as the expert on securing complex, diverse sets of systems, including RF subsystems, SATCOMs, range instrumentation, radars, telemetry, and traditional IT infrastructure that may fall into the domain of special access programs (SAP).
• Develop, implement, and maintain comprehensive security plans, policies,…