Information System Security Manager (ISSM)

Decision Technologies, Inc.•Austin, TX

5h•Onsite

About The Position

Decision Technologies seeks a qualified Information System Security Manager (ISSM) to join our team in Austin, TX. The ISSM will have a proven record of reducing enterprise risk and strengthening security posture through advanced Microsoft security ecosystems, SIEM optimization, and strategic technology planning. This role involves implementing and managing Intune, Sentinel, Defender, and automated patching solutions. The ideal candidate must be an expert in incident response, threat hunting, and forensic analysis using Sentinel and Splunk. Skills in developing IT roadmaps, enforcing compliance with NIST, FISMA, HIPAA, PCI, and CUI/ITAR requirements, and integrating FedRAMP‑authorized technologies are essential. The position also requires proficiency in continuous monitoring, DLP implementation, executive‑level SIEM reporting, and enterprise risk mitigation. A MUST HAVE Secret Security Clearance is required.

Requirements

3 to 5 Years of experience as an ISSM
Bachelor’s degree from an accredited University or CNSSI 4012 certificate or ADQ GA7
Completion of one of the following: NEC 2779 (CIN: A-531-0009), NEC 3372 (CIN W-3B-1500, EKMS Manager), or A-4C-1340 (KMI)
MUST HAVE Secret Security Clearance

Nice To Haves

CompTIA CISSP or CASP
Understanding of NIST 800-53 Controls
Knowledge with DOD eMASS database.
Familiarity with STIG Viewer and eMASS software programs

Responsibilities

Developed, implemented, and managed enterprise security strategies resulting in a 30% reduction in security incidents over two years, utilizing Microsoft Intune (Kusto), Sentinel, and Defender.
Spearhead incident response and forensic investigations with Sentinel and Splunk, successfully mitigating high-priority two years breaches.
Develop a strategic IT roadmap addressing future technological needs, emerging security threats, and regulatory compliance.
Design and implement patch management tools to incorporate all users, reducing Attack Surface Area with Intune and Windows Automatic Update tool.
Leverage Defender for Cloud to reduce Attack Surface Reduction and increase security in depth.
Ensure compliance with regulations like NIST 800-53, NIST 800-171, FISMA, or other relevant cybersecurity frameworks.
Assess and procure IT products compliant with CUI and ITAR regulations, ensuring seamless integration with FedRAMP marketplace solutions.
Create, Implement, and Continuous Monitor of Sentinel to verify Risk Management, Threats, Vulnerabilities, Network and Device security, and any configuration changes.
Integrate workbooks with Sentinel to provide a SIEM for C Suite members during on-site visits and show utilization of security events being collected and analyzed.
Implement Data Loss Prevention with Labels in Intune to validate security compliance with HIPAA, NIST, PCI, PII and CUI.
Identify potential risks, developed mitigation strategies, and established contingency plans for enterprise IT systems.