Information System Security Manager; ISSM
Listed on 2026-07-03
IT/Tech
Cybersecurity, Information Security
Quick Overview
ZTI Solutions is seeking an Information System Security Manager (ISSM) to lead the cybersecurity and Risk Management Framework (RMF) program supporting a multinational IL5/IL6 collaboration effort in an operational Department of War (DoW) environment hosting multiple Coalition Mission Partner Environments (MPE). This is a demanding, high‑energy role focused on security authorization, compliance oversight, and overall cyber risk posture across multiple enclaves.
Location: Ft. Meade, MD — Onsite, full‑time (5 business days/week). No remote option.
Clearance: Active Secret required, with the ability to obtain TS/SCI; TS/SCI preferred.
Citizenship: U.S. Citizen required.
Certification: Active DoD 8140 IAM Level II or higher (e.g., CAP, CASP+, CISM, CISSP).
Reports To: Senior Technical Program Manager.
Position Summary
The ISSM serves as the principal cybersecurity authority and subject matter expert responsible for establishing, maintaining, and overseeing the information system security program across classified, multinational, and mission‑critical enclaves. The ISSM owns the RMF lifecycle, manages Authorization to Operate (ATO) packages, directs continuous monitoring, and provides supervision and direction to ISSOs and supporting cybersecurity staff. The ideal candidate brings strong leadership, deep RMF expertise, and the ability to translate risk into actionable decisions while working closely with infrastructure, operations, leadership, and mission partner teams to keep enterprise systems compliant and operationally secure.
Key Responsibilities
- Serve as the primary ISSM and cybersecurity authority for systems within a secure, multinational DoW environment.
- Develop, implement, and maintain the organization’s information system security program and policies.
- Own and manage the RMF lifecycle, including categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
- Lead the development, submission, and maintenance of ATO packages and supporting authorization artifacts.
- Provide direction, oversight, and mentorship to ISSOs and supporting cybersecurity personnel.
- Maintain and track POA&Ms, ensuring timely remediation of findings and risks.
- Oversee security assessments, audits, and compliance activities, including STIG and IAVM compliance.
- Coordinate incident response, reporting, and risk decisions with leadership and mission partners.
- Review and approve system security documentation, including SSPs, risk assessments, and control implementation statements.
- Advise leadership and customers on cyber risk posture, mitigations, and authorization status.
- Ensure continuous monitoring data, vulnerability findings, and endpoint security posture are evaluated and acted upon.
- Other duties, as assigned.
- U.S. Citizen.
- Active Secret security clearance with the ability to obtain TS/SCI; TS/SCI preferred.
- Active DoD 8140 IAM Level II or higher certification (e.g., CAP, CASP+, CISM, CISSP).
- 8+ years of overall IT experience, including at least 5 years of progressive hands‑on experience in cybersecurity, RMF, and information assurance, with demonstrated experience in an ISSM or equivalent leadership role.
- Ability to work full‑time, onsite in Ft. Meade, MD, 5 business days per week.
- In‑depth knowledge of the Risk Management Framework (RMF) and the DoD authorization (A&A) process.
- Demonstrated experience developing and managing ATO packages, SSPs, POA&Ms, and continuous monitoring programs.
- Experience overseeing security assessments, STIG compliance, and IAVM remediation across enterprise systems.
- Familiarity with vulnerability management (ACAS/Tenable) and endpoint security (Trellix ESS) operations and how they inform risk decisions.
- Familiarity with SIEM platforms such as Microsoft Sentinel.
- Strong leadership, decision‑making, problem‑solving, and stakeholder communication skills, including the ability to brief senior‑level executives and customers.
- Bachelor's degree in Computer Science, Information Security, or another STEM discipline.
- Active Top Secret clearance with the ability to obtain SCI.
- Experience supporting systems in a DISA‑administered DoW…