Information System Security Manager III

About The Position

Requirements

• Graduate degree from an accredited university, ORCNSSI 4012 certificate, OR NDU CISO certificate, OR NDU CIO certificate, OR AQD GA8, OR Completion of qualifying military courses: NEC 2779 (CIN: A-531-0009), 3372, EKMS Manager CIN W-3B-1500, A-4C-1340 (KMI), or DoD equivalent military cybersecurity training.
• Five (5) years of specialized expert-level experience in Specialty Area 72 - Information System Security Management.
• Expert understanding of RMF, cybersecurity governance, and system authorization.
• Deep knowledge of FIPS, NIST, DoD, and Navy cybersecurity policies and standards.
• Experience with ICS/OT cybersecurity considerations, network architectures, and industrial protocols.
• Strong ability to manage audits, inspections, risk assessments, and formal A&A processes.
• Ability to lead teams, influence stakeholders, and communicate complex cybersecurity concepts to technical and non-technical audiences.
• Skilled in developing cybersecurity policies, procedures, SOPs, training materials, and compliance documentation.
• Ability to work effectively remotely in cross-functional teams.
• Ability to meet deadlines and produce quality work.
• Proficient in Microsoft Suite software including Outlook, Word, Excel, SharePoint, and PowerPoint.
• U.S. Citizenship with the ability to obtain and maintain a DoD Secret clearance.

Responsibilities

• Lead the cybersecurity governance framework for assigned systems, ensuring alignment with Navy and DoD requirements.
• Provide senior-level oversight of security engineering, controls implementation, and system authorization processes.
• Serve as the primary cybersecurity advisor for system owners, technical leads, and Government stakeholders.
• Direct the full RMF lifecycle, ensuring completeness of A&A documentation and accuracy of system categorization, security plans, POA&Ms, ISCM strategies, SARs, and final authorization packages.
• Ensure systems meet FIPS/NIST requirements and Navy-specific cybersecurity directives.
• Lead preparation for audits, inspections, and assessments, ensuring corrective actions are implemented.
• Review and guide security architecture decisions for both IT and OT/control system environments.
• Oversee the implementation, validation, and continuous monitoring of cybersecurity controls (technical, operational, and managerial).
• Ensure secure configurations, STIG/SRG compliance, and patching across systems, networks, databases, and control system components.
• Continuous Monitoring & Cyber Readiness
• Policy Development, Documentation & Training
• Stakeholder Coordination & Reporting

Benefits

• SmartBenefits through the Washington Metro Area Transportation Authority, where you specify an amount of your pre-tax wages be paid directly to your SmarTrip account.
• In some cases, tuition assistance may be available for continuing education expenses and certifications related to their position.