Information Systems Security Manager (ISSM) Support Specialist (VA/CA)

About The Position

Requirements

• Must have an active Secret Clearance to be considered
• Must be within 1 hour of Alexandria, VA or Seaside, CA
• 6+ years supporting RMF, cybersecurity governance, or ISSM/ISSO functions in a DoD environment.
• Strong understanding of DoD RMF, NIST SP 800‑53, DoDI 8500.01, and DoD cybersecurity policies.
• Experience developing or reviewing SSPs, POA&Ms, SAPs, SARs, and other RMF artifacts.
• Familiarity with eMASS, cybersecurity documentation repositories, and governance tools.
• Ability to evaluate security controls, assess compliance, and identify risk impacts.
• Experience coordinating with AOs, PMs, ISSOs, and system owners.
• Bachelor’s degree in Cybersecurity, IT, Computer Science, or related field.
• Strong analytical and problem‑solving skills.
• Excellent written and verbal communication skills.
• Ability to work collaboratively across interdisciplinary teams.
• Must be able to pass background screening prior to employment.
• US Citizenship, legal permanent residence, or US work authorization with a minimum of 3 years of US presence is required due to federal contract requirements.
• Ability to work on‑site at Seaside or Mark Center for SIPR or classified system support.
• Reliable internet (50 Mbps down / 25 Mbps up) and a secure remote work environment.

Nice To Haves

• IAM Level III certification (e.g., CISSP, CISM, CAP) preferred.
• Experience supporting federal cybersecurity programs or DoD Components.
• Knowledge of NIST SP 800‑53 Rev 5 migration requirements.
• Familiarity with continuous monitoring and cATO frameworks.
• Experience developing cybersecurity policies, procedures, or governance documentation.
• Understanding of enterprise identity and access management workflows, including DoD e‑ICAM.

Responsibilities

• Ensure DHRA information systems comply with DoD RMF and cybersecurity policies.
• Develop and maintain cybersecurity programs, architectures, requirements, and policies.
• Identify information owners/stewards and ensure appropriate access controls.
• Maintain and update cybersecurity documentation, repositories, and authorization artifacts.
• Monitor, assess, and report system and organizational compliance with DoD directives.
• Coordinate cybersecurity inspections, assessments, tests, and reviews.
• Validate implementation and effectiveness of cybersecurity controls.
• Support migration from NIST SP 800‑53 Rev 4 to Rev 5.
• Provide cybersecurity guidance and recommendations to the AO and program teams.
• Report events or configuration changes affecting system authorization or security posture.
• Track and report system authorization status in accordance with DoD Component guidance.
• Coordinate enterprise‑level security issues with SOs, PMs, and ISSOs.
• Evaluate security authorization packages and system compliance for AO review.
• Maintain system risk assessments and lifecycle authorization documentation.
• Review and approve POA&Ms, ATO terms/conditions, SSPs, and annual reviews (AO concurrence required for high‑risk systems).
• Support development and implementation of continuous ATO (cATO) processes.
• Provide input for SAPs and SARs.
• Serve as ISSM representative for DoD e‑ICAM AAP workflows.
• Other duties may be assigned.

Benefits

• We provide reasonable accommodations to individuals with disabilities to enable them to perform the essential functions.