Enterprise Information System Security Manager (ISSM) - SME

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 521-Cyber Defense Infrastructure Support Specialist — Intermediate proficiency; must hold ONE OR MORE of the following: GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP
• 7+ years of experience in cybersecurity
• Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
• Experience implementing and validating security controls aligned to STIGs, IAVMs, RMF requirements, and DoD cybersecurity policy.
• Experience establishing technical configuration baselines and driving remediation actions to reduce enterprise security risk.
• Experience managing or overseeing POA&M activities, including documenting findings, tracking corrective actions, and supporting timely closure.
• Experience performing log analysis to validate control effectiveness and identify indicators of non-compliance or heightened risk.
• Experience supporting continuous monitoring and compliance activities in coordination with cybersecurity operations and engineering teams.
• Experience supporting eMASS artifact updates, compliance documentation, or related RMF evidence management activities.
• Ability to provide technical guidance to engineers and administrators on secure hardening, vulnerability mitigation, and defensive cyber best practices.

Responsibilities

• Lead implementation and validation of technical security controls to harden systems in accordance with STIGs, IAVMs, RMF requirements, and DoD and ARNG cybersecurity policy.
• Establish and maintain secure configuration baselines, including baseline updates tied to approved changes, continuous compliance validation, and risk posture assessment.
• Direct vulnerability remediation prioritization and oversee POA&M management activities to drive timely risk reduction across classified and unclassified ARNG network environments.
• Conduct advanced log analysis to validate control effectiveness, identify security gaps, and provide technical recommendations that improve continuous monitoring outcomes.
• Provide technical guidance to engineers, administrators, and cybersecurity personnel on secure configurations, remediation actions, and defensive measures that strengthen enterprise cyber posture.
• Support eMASS update and integration activities by ensuring required artifacts, compliance evidence, and risk documentation are aligned to RMF processes and ongoing authorization needs.
• Coordinate with SOC and monitoring teams using USIEM, EDR, IDS/IPS, and related analytics to assess security events, verify defensive control performance, and inform corrective actions.
• Contribute to enterprise vulnerability management activities that include scanning, patching, mitigation, and compliance monitoring across approximately 141,000 endpoints and supporting infrastructure.
• Interface with coordinating organizations including the NETCOM Global Cyber Center, DISA DCDC, RCCs, and other ENOCS cybersecurity stakeholders to align remediation, reporting, and defensive cyber activities.
• Support DCO-IDM objectives for the DoDIN-Army-NG area of responsibility by validating hardening measures and sustaining secure operations across NIPRNet and SIPRNet enclaves.