More jobs:
Information System Security Manager; ISSM-Cloud Security
Job in
San Antonio, Bexar County, Texas, 78245, USA
Listed on 2026-05-21
Listing for:
General Dynamics
Full Time, Part Time, Seasonal/Temporary
position Listed on 2026-05-21
Job specializations:
-
IT/Tech
Cybersecurity, Systems Engineer, Network Security
Job Description & How to Apply Below
Responsibilities for this Position
Location:
USA TX San Antonio
Full Part/Time:
Full time
Job Req: RQ219731
Type of
Requisition :
Pipeline
Clearance Level Must Currently Possess:
Secret
Clearance Level Must Be Able to Obtain:
Secret
Public Trust/Other
Required:
None
Job Family:
IT Infrastructure and Operations
Job Qualifications:
Skills:
Amazon Web Services (AWS) Security, Cloud Security, Platform Security, Security Architecture Design, Vulnerability Management
Certifications:
None
Experience:
6 + years of related experience
US Citizenship
Required:
Yes
Job Description:
Information System Security Manager (ISSM) - Cloud Security Architect
Mission & Impact
AETC recruits, trains, and educates Airmen to deliver 21st-century airpower. AWAKEN is AETC's enterprise-managed, accredited wireless/network service spanning flight lines, classrooms, dorms, and administrative facilities across the U.S. As ISSM - Senior Cloud Security Architect, you will lead cybersecurity for AWAKEN's cloud-native, software-defined, Zero-Trust transformation, ensuring secure, reliable connectivity that advances the training mission at scale.
Position Summary
This role is ideal for a hands-on cloud security engineer first, policy-aware second. You will actively engineer and enforce security controls across cloud and hybrid environments while maintaining RMF/ATO governance, continuous monitoring, and compliance. Expect roughly 66% platform engineering (secure design/implementation, automation, remediation) and 33% governance/policy enforcement (RMF artifacts, POA&Ms, attestations, board cadence).
Core Responsibilities
Governance, RMF & Compliance
* Lead RMF/ATO/ATC activities: develop and maintain SSP, control implementations, evidence, POA&Ms, and continuous monitoring strategy; coordinate with Government ISSO, SCV, AO; sustain ATO per USAF guidance.
* Enforce DISA STIG/SRG configurations across enterprise hardware/software; ensure timely patching/bug-fix deployment and flaw remediation with documented procedures.
* Enable and manage ACAS/Nessus vulnerability scanning (external and internal), deliver bi-weekly/30-day reports, and drive remediation to closure.
* Support incident response: immediate notification (phone/email) within six hours of discovery; 30-day follow-up reporting; maintain secure audit logs and event evidence.
* Participate in PMRs and CCBs; maintain enterprise baseline and CM Plan; provide artifacts (topologies, inventories, rack elevations, ports/protocols) and read-only visibility to Government tools/portals.
Cloud Security Architecture
* Implement secure configurations in AWS, Azure, GCP (or comparable platforms).
* Engineer IAM: RBAC, least-privilege, multi-account strategy, federation (IdP integration).
* Configure cloud-native logging/monitoring/alerting for security visibility (e.g., provider equivalents to Cloud Watch).
* Apply Zero-Trust principles across cloud networking and service-to-service comms (auth
N/auth
Z, encryption, segmentation).
* Develop IaC security baselines; codify guardrails/policies; enforce drift detection.
Vulnerability Management & Compliance
* Operate ACAS and vulnerability scanners; analyze findings; prioritize remediation; validate fixes; sustain POA&Ms and compliance dashboards (NIST SP 800-53, DISA STIGs, CMMC as applicable).
* Produce traceability mapping of technical controls to required frameworks; prepare audit evidence and assessor packages.
Platform Security (Linux, Windows, Virtualization)
* Linux (70%): hardening, auditing, patching, secure configuration, STIG application/validation.
* Windows (30%): server security configuration, patch management, policy baselines.
* Virtualization: secure VMs and management planes (e.g., VMware), including isolation, logging, and role segmentation.
Kubernetes & Container Security
* Secure clusters: RBAC, network policies, secrets management, pod security standards; image signing and vulnerability scanning; protect service meshes and encrypted service communication.
Networking & Zero Trust
* Apply TCP/IP, firewalls, VLANs, VPNs, routing, micro-segmentation to enforce least-privilege access across hybrid environments; integrate CoS/QoS and performance KPIs where applicable.
Automation & Dev Sec Ops
* Bash/Python automation for remediation and control validation.
* Terraform/Ansible (or equivalent) for enforcing baselines, policy-as-code, and repeatable secure deployments.
* CI/CD security integration, pre-deployment testing, and lab validation prior to production changes.
Collaboration & Leadership
* Serve as trusted advisor to COR and Government Technical Leads; brief diverse stakeholders in clear, mission-focused terms.
* Coordinate with PM, architects, network engineers, helpdesk/T3, and cybersecurity analysts; maintain cadence with PMRs and escalation SOPs.
Customer:
Air Education and Training Command (AETC), United States Air Force
Location:
San Antonio area; located within 25 miles of JBSA-Randolph, TX
Clearance:
Ability to obtain and maintain Secret; USAF CAC eligibility; U.S. citizen with required…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×