Summit 7 Systems - posted 9 months ago
$130,000 - $180,000/Yr
Full-time • Senior
Onsite • Huntsville, AL
Professional, Scientific, and Technical Services

The Senior Information Systems Security Manager (Senior ISSM) is a leadership role responsible for overseeing the implementation, management, and continuous improvement of the Risk Management Framework (RMF) process to ensure the security and compliance of organizational information systems. This individual will serve as the primary escalation point for complex security issues, provide strategic oversight, and lead the development of security policies, procedures, and documentation. The Senior ISSM will focus on the following key areas of responsibility: Corporate and Client Facing Risk Management Framework (RMF) Implementation, eMASS Management and Compliance, Information System Security, Security Control Assessments, Incident Response and Mitigation, Continuous Monitoring and Reporting.

  • Ensure compliance with, and perform all functions required by, 32 CFR Part 117.18(c)(2) and applicable parts of 32 CFR Part 117.18 - National Industrial Security Program Operating Manual (NISPOM).
  • Oversee the end-to-end RMF process, including system categorization, security control selection, implementation, assessment, authorization, and continuous monitoring in accordance with NIST SP 800-53 and DoD RMF guidelines.
  • Lead the development, submission, and maintenance of RMF packages in eMASS, ensuring accurate documentation of security controls, risk assessments, and Plans of Actions and Milestones (POA&Ms).
  • Develop, implement, and enforce security policies to protect classified and unclassified information systems, ensuring confidentiality, integrity, and availability.
  • Conduct and oversee Security Control Assessments (SCAs) to validate the effectiveness of implemented controls, coordinating with Authorizing Officials (AOs) and system owners.
  • Lead incident response efforts for security violations, breaches, or spills, ensuring proper reporting, mitigation, and documentation in accordance with DoD and organizational policies.
  • Collaborate with personnel security teams to ensure user access aligns with clearance levels, roles, and need-to-know principles, enforcing least privilege and separation of duties.
  • Educate staff on RMF requirements, security protocols, and information system security best practices.
  • Implement and manage continuous monitoring strategies to identify and address vulnerabilities, ensuring systems remain compliant with RMF and organizational standards.
  • Communicate with clients as required, keeping them informed of progress and notifying them of impending changes.
  • Either an associate or a bachelor's degree in computer science (CS) or Management Information Systems (MIS) from a reputable institute, or a minimum of seven (7) years of experience with information systems security, with at least three (3) years in a senior or leadership role managing RMF processes in a DoD or government environment, or a combination of education and relevant experience.
  • Extensive knowledge of RMF, NIST SP 800-53, eMASS, and DoD security policies, with proven experience in preparing systems for Authorization to Operate (ATO).
  • Have a basic understanding of the Microsoft Cloud ecosystem.
  • Ability to work independently and a strong desire for personal and professional development.
  • Incredible customer service skills.
  • U.S. Citizen.
  • Background Investigation / Personnel Clearance (PCL).
  • Knowledge of disaster recovery continuity of operations plans.
  • Knowledge of incident response and handling methodologies.
  • Ability to apply cybersecurity strategy to cloud computing service and deployment models, identifying proper architecture for different operating environments.
  • Experience with Microsoft 365 GCC High - Strong understanding of administration, security, and compliance requirements.
  • Familiarity with CMMC 2.0 Level 2 - Knowledge of cybersecurity maturity requirements and implementation best practices.
  • Proficiency in ServiceNow - Experience with IT service management (ITSM), Visual Task Boards (VTBs), Governance Risk & Compliance (GRC), and workflow automation.
  • Relevant Certifications (Preferred) - CISSP, CISM, CAP, ISSEP.
  • Excellent health/dental benefits from BCBS
  • Luxurious VSP vision benefits
  • 401k with company matching
  • Unlimited mobile phone plan
  • 10 days' vacation, 7 days sick time
  • Bonuses and salary increase potential via our certifications plan