Info Systems Security Manager

About The Position

Requirements

• Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience; PhD and nine (9) years or more experience in a related field. Additional experience or certifications may be considered in lieu of a degree.
• Active Top Secret clearance with SCI eligibility.
• IAM Level III certification in accordance with DoD 8140.01/8570.01-M (e.g., CISSP, CISM, or GSLC).
• Extensive knowledge of the Risk Management Framework (RMF) lifecycle, specifically with proven experience maintaining IATT and guiding systems to ATO.
• Hands-on experience performing ISSO responsibilities, including configuring and securing systems, implementing controls, and documenting compliance.
• Technical expertise securing and managing AWS environments, including IAM role creation, VPC configuration, and applying cloud security policies and tools.
• Proficiency in securing and managing air-gapped systems, leveraging operational security controls, baseline configurations, and isolation techniques.
• Strong interpersonal and communication skills, with the ability to collaborate across government customers, cross-functional teams, and leadership stakeholders.

Nice To Haves

• Experience supporting DoD programs, especially those focused on rapid system development and deployment.
• Familiarity with Air Force testing and compliance frameworks, particularly those governing AWS and air-gapped systems during development lifecycles.
• Advanced understanding of vulnerability management, including tools and techniques for assessing STIG compliance, managing risks, and implementing POA&Ms

Responsibilities

• Act as the principal cybersecurity authority for HOPE 2.0 systems under AF TENCAP, overseeing security during design, development, testing, and deployment phases.
• Provide guidance to developers on secure configurations, architecture reviews, and compliance efforts.
• Manage the security posture of AWS and air-gapped systems, ensuring adherence to DoD and NIST standards.
• Lead IATT processes for secure operational testing and serve as ISSM/ISSO, providing both strategic oversight and hands-on support.
• Develop and maintain RMF artifacts (SSPs, POA&Ms), and lead IATT/ATO activities in collaboration with SCAs and AOs.
• Implement and validate NIST 800-53 controls, providing technical solutions for secure system development and accreditation.
• Secure AWS resources (IAM roles, VPCs, audit trails) and air-gapped systems with effective configurations and operational safeguards.
• Conduct vulnerability assessments, patch management, and compliance reviews to mitigate risks and ensure system readiness.
• Collaborate with system owners to balance functionality with mission-essential data protections.
• Manage cybersecurity incidents and establish continuous monitoring for vulnerabilities, risks, and audit readiness throughout the lifecycle.
• Perform ISSO tasks, including system hardening, access reviews, and routine security audits.
• Partner with developers, system administrators, ISOs, and Air Force leadership to embed security best practices.
• Facilitate IATT compliance, ensuring secure testing and deployment of operational capabilities.
• Lead cybersecurity training for users, administrators, and support teams during system transitions.