Information Systems Security Manager (ISSM)

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• 8+ years of relevant experience in security operations, systems engineering, or IT management.
• Hold an active IAM Level III Certification, such as a CISSP or CISM.
• Maintain a U.S. Government Top Secret clearance with SCI eligibility and a valid U.S. citizenship.
• Demonstrate framework expertise in NIST 800-series and the Risk Management Framework (RMF).
• Show proficiency with security tooling such as SPLUNK, Nessus/Security Center, and/or SCAP compliance tools.
• Apply knowledge of modern infrastructure, including Zero Trust principles, cloud-native security, and hybrid-cloud environments.
• Exhibit familiarity with DevSecOps integration, CI/CD pipelines, configuration-as-code, and policy-as-code practices.
• Deliver strategic communication that translates complex technical risks into actionable insights for executive leadership.
• Implement threat mitigation through rigorous vulnerability management and technical configuration standards.
• Navigate the unique challenges of DCSA compliance and audit preparation within a fast-paced technology startup.
• You're creative, flexible, and eager to wear multiple hats.
• You're passionate about building systems from the ground up and comfortable with ambiguity and change.

Responsibilities

• Develop and maintain organizational security governance and policies specifically aligned with enterprise objectives and quantum-specific R&D needs.
• Provide RMF leadership by leading the Assessment and Authorization (A&A) process to maintain a consistent Authority to Operate (ATO).
• Maintain architecture oversight by partnering with engineering to integrate "secure-by-design" principles into cloud-native and quantum-hybrid architectures.
• Drive DevSecOps integration by overseeing security requirements within CI/CD pipelines, ensuring automated safeguards are embedded in software development workflows.
• Manage compliance and monitoring through continuous monitoring (CONMON) activities, system audits, and vulnerability assessments (STIGs, SCAP).
• Lead incident and threat response by identifying, investigating, and mitigating security breaches, including insider risk and brand monitoring.
• Serve as the Acting Facility Security Officer (FSO), overseeing personnel security, clearance processing, and physical security protocols for the facility.
• Lead the organization’s interaction with the Defense Counterintelligence and Security Agency (DCSA), specifically managing the transition from a startup environment through its first successful security audit.
• Conduct personnel management by supervising, mentoring, and training a diverse team of ISSOs and security analysts to support mission-focused goals.

Benefits

• Medical, Dental, and Vision insurance
• Fidelity 401(k) plan with 4% employer matching
• 20 paid time off (PTO) days per year
• 13 paid company holidays
• 9/80 work schedule (every other Friday off)