Information System Security Manager Security Clearance

Position: Information System Security Manager with Security Clearance
Job Description Ready for What's Next? Kratos is a leader in assured aerospace communication solutions and services. We are cutting-edge innovators and creative problem solvers working collaboratively to solve our customers' toughest challenges. Our culture is fast-paced and innovative. We are a trusted partner-driven by doing the right thing and achieving maximum success for our customers, our partners and ourselves. Kratos is looking for an ISSM to lead and support other cybersecurity professionals in the execution of information assurance programs and will support other IT teams in implementing security measures.

This is accomplished in compliance with CMMC and Risk Management Framework policies and procedures such as System Security Plans, Risk Assessment Reports, Plans of Actions and Milestones, Assessment & Authorization packages, and Security Control Traceability Matrices. The ISSM will maintain an operational security posture and ensure security policies, standards, and procedures are established and followed. The ISSM will perform vulnerability and risk assessment analyses to support Assessment & Authorization and will provide configuration management for security software, hardware, and firmware.

While the primary location for this role is Kratos' Orlando office, candidates should be prepared to support future classified projects at other company locations as needed. These assignments will be based on project requirements and may involve collaboration with cross-functional teams across multiple sites. The candidate must be comfortable coordinating with and receiving support from remote personnel, including cybersecurity specialists, system administrators, and compliance experts.

The Orlando office is a dynamic and expanding hub, routinely taking on new and evolving projects that demand expertise in CMMC, NIST SP 800-171, and NIST SP 800-53 standards. This environment offers multiple opportunities for professional growth, exposure to cutting-edge cybersecurity initiatives, and the chance to contribute meaningfully to national security efforts. This position is based on multiple DoD Directives;

including DoD 5205.07 volumes 1-4;
DoDD 5205.02E;
DoDI 5025.01, 5205.11, 5200.39, 5220.22, DoDM 3305.13;
DoD 8140 series; NIST 800 series special publications;
Executive Orders 13556 and 13636, and DISA Security Technical Implementation Guides. Applicants selected could be subject to a government security investigation and must meet eligibility requirements for access to classified information. U.S. citizenship is required. Travel to customer sites and other program locations will be required.

Primary Responsibilities:

As a cybersecurity professional supporting government programs, you will play a critical role in safeguarding systems and ensuring compliance with federal security standards.

Responsibilities include:

Cybersecurity Program Management
* Develop, implement, and maintain a comprehensive cybersecurity program in coordination with government clients.
* Create and manage security policies, procedures, and documentation aligned with applicable directives and publications.
* Maintain current knowledge of system functions, technical safeguards, and operational security measures. Security Authorization & Compliance
* Collaborate with government sponsors and ISSMs to conduct security authorization reviews and develop assurance cases for new systems and networks.
* Ensure compliance with security policies and enforce system requirements, including data ownership responsibilities.
* Review system changes and assesses their impact on overall security posture. Monitoring, Auditing & Risk Management
* Develop and execute a continuous monitoring plan to ensure ongoing system integrity.
* Conduct security self-inspections, audits, and periodic testing to evaluate vulnerabilities and compliance.
* Analyze audit logs and reports, escalate anomalies, and recommend corrective actions.
* Document and report unresolved or serious security violations to appropriate authorities. Incident Response & Recovery
* Lead execution of the cyber incident response plan during security events.
* Coordinate with…