(688) Senior ISSM SME

Arlo Solutions LLC•Arlington, VA

9d•Hybrid

About The Position

The role requires a senior professional who can operate successfully in a pioneering and fast-moving defense technology environment. The ISSM SME will be accountable for upholding security standards across the organization, safeguarding sensitive information critical to national security, and helping mature scalable cybersecurity operations across CDAO systems. In addition to providing RMF and ISSM expertise, this individual will support program execution by managing priorities, coordinating tasking, tracking deliverables, supporting onboarding and offboarding of team members, identifying operational risks, and helping ensure the team is aligned, organized, and meeting mission objectives. The role will require strong communication, accountability, stakeholder management, and the ability to keep daily operations running smoothly across a distributed and mission-focused team. The ISSM SME will support enterprise-wide cybersecurity governance by partnering with the Government ISSM to help define and mature the ISSM Program for the CDAO organization. Responsibilities will include managing authorization workflows, improving standardization, mentoring cybersecurity personnel, developing reusable cybersecurity artifacts, supporting process improvement, and enabling consistent, repeatable cybersecurity practices across the enterprise. To be successful in this position the candidate must possess a firm understanding of statutory guidance such as statutory guidance including 570.01 (Information Assurance Workforce Improvement Program), DoDI 8500.01 (Cybersecurity), DoD Directive 8140.03 (Information Systems Security Manager DoD Cyber Exchange), and NIST 800-37 r2 (Risk Management Framework for Information Systems and Organizations).

Requirements

Demonstrated experience as an ISSM, ISSO, ISSE, cybersecurity engineer, or RMF practitioner supporting DoD systems.
Experience using eMASS for authorization package management and cybersecurity workflow execution.
Knowledge of/Experience drafting cybersecurity policies, SOPs, Dash-1s, implementation guidance, or operational procedures.
Ability to mentor cybersecurity staff and support enterprise cyber workforce development.
Must have an active TS/SCI Clearance
Bachelor’s degree in computer science/information technology, or other related degree fields (master’s degree is preferred or at least 10 years of related experience)
At least 10+ years of cybersecurity experience including a senior technical or management role, Project or Program Management experience a plus.
At least one IAT/IAM or equivalent security certifications ex. CISSP, CCSP, CISM, CISA, or CASP
Experience working with OSD leadership or Military component or branch.
Excellent communication/presentation skills briefing senior military and government civilian leadership.
Experienced with writing policies, guides, procedures.
Experience in hands on with eMASS, Xacta and/or other GRC tools.
Experience with Federal and FedRamp A&A Processes.
Experienced and comfortable advising at the Senior Executive Service (SES) level of customers

Nice To Haves

master’s degree
CISSP
CAP
Security+ CE
CASP+ / SecurityX
CISM
GSLC / GIAC (preferred)

Responsibilities

Serve as a primary contract point of contact for Government stakeholders, supporting communication, coordination, and issue resolution.
Manage day-to-day program operations to ensure team activities, priorities, and deliverables remain aligned with Government objectives.
Track tasks, milestones, action items, risks, dependencies, and deliverables across RMF and cybersecurity workstreams.
Support onboarding and offboarding of team members, including coordination of access, orientation, knowledge transfer, and transition activities.
Facilitate meetings, status updates, and working sessions with Government and contractor personnel.
Develop and maintain program documentation, schedules, trackers, process guides, and recurring status materials.
Manage and oversee enterprise authorization activities within eMASS across supported systems and programs.
Coordinate, track, and manage eMASS workflows, artifacts, approvals, inheritance relationships, and authorization requests.
Support system onboarding, authorization sustainment, authorization extension, reciprocity, and Continuous Monitoring activities within eMASS.
Validate authorization package completeness, workflow progression, and cybersecurity artifact quality.
Assist in developing and maintaining enterprise cybersecurity governance documentation.
Develop repeatable, scalable cybersecurity processes aligned to organizational maturity and process standardization initiatives.
Assist in defining, documenting, and operationalizing enterprise-level organizational controls for inheritance within eMASS.
Help establish standardized inherited control baselines to reduce redundancy and improve authorization scalability.
Identify common enterprise security services, policies, procedures, and safeguards eligible for inheritance.
Support implementation of enterprise authorization efficiencies through standardized control inheritance.
Mentor junior and mid-level ISSMs, ISSOs, and cybersecurity personnel supporting CDAO systems.
Provide coaching and guidance on promoting consistency, quality, and repeatability across enterprise cybersecurity efforts.
Assist in establishing standardized cybersecurity governance expectations and best practices.
Support planning, coordination, and delivery of monthly ISSM education sessions.
Develop training content and instructional material covering enterprise cyber maturity improvement across supported ISSM personnel.
Assist in creating and maintaining standardized CDAO cybersecurity templates and Body of Evidence (BOE) artifacts.
Develop reusable, repeatable templates to improve authorization package consistency and quality.
Support cybersecurity artifact quality assurance and standardization across enterprise onboarding efforts.
Support enterprise Continuous Monitoring (ConMon) governance activities.