Information Systems Security Manager (ISSM)

Saab•East Syracuse, NY

12h•Onsite

About The Position

Saab Inc. is looking for an Information Systems Security Manager (ISSM) to lead onsite cybersecurity efforts for classified programs. This position requires strong expertise in the Risk Management Framework (RMF), defense cybersecurity standards, COMSEC, and technical skills in complex, mission-critical environments. The role is responsible for maintaining the security of the site's classified systems and infrastructure, serving as the facility Information Systems Security Manager (ISSM), and providing expert advice on confidentiality, integrity, and availability. The ISSM will work closely with engineering and program leadership to ensure that security governance, risk management, and compliance are integrated throughout all operational and development activities at the site. This position is eligible for Saab, Inc's relocation package.

Requirements

Active DOD SECRET clearance, with ability to upgrade
Minimum of eight years' progressive experience in cybersecurity, including at least three years in an ISSM or site leadership role overseeing classified systems.
Bachelor’s degree from an accredited institution in a relevant field or relevant military education & training.
Subject matter expertise with authorization package submission tools (e.g., eMASS) leading to successful Authorization to Operate (ATO) and Authority to Connect (ATC).
Demonstrated proficiency with industry-standard Information Assurance tools required for DCSA system authorizations, such as: Vulnerability scanning tools (e.g., Evaluate STIG, ACAS), Endpoint protection platforms, SIEM/auditing solutions, eMass
Experience with the DCSA Assessment and Authorization Guide (DAAG) or DCSA Assessment and Authorization Process Manual.
Must be a U.S. citizen.
Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information.
As a condition of employment, candidates will be required to pass a pre-employment drug screen.

Nice To Haves

Familiarity with one or more of the following frameworks and guides: Joint Special Access Program (SAP) Implementation Guide (JSIG) Committee on National Security Systems Instruction (CNSSI) 1253 NIST SP 800-37 Risk Management Framework (RMF) NIST SP 800-53 Security and Privacy Control Requirements.

Responsibilities

Lead the execution of business enablement initiatives, incorporating advanced security principles into Classified Cyber programs to manage risk effectively, align with customer requirements, and support program success.
Provide oversight and guidance to ISSO staff.
Serve as the ISSM within the site's classified environment.
Mentor, train, and develop team members to maintain a high-performing classified cybersecurity capability.
Design, implement, and continuously improve security policies, standards, and processes consistent with DoD, DISA, and RMS requirements.
Oversee the deployment and validation of security controls across all classified assets, ensuring consistency.
Direct risk-based assessments, vulnerability management, and incident response activities.
Advise program and engineering teams on secure architecture, system hardening, and compliance with NIST SP 800-53, DISA STIGs, and relevant frameworks.