Sr. Information Systems Security Manager II (6395)
About The Position
As Sr. Information Systems Security Manager II, you'll lead cybersecurity governance and risk management for mission-critical systems supporting national-level DoD and Intelligence Community operations. This role owns RMF execution, ATO sustainment, and security posture oversight while enabling operational delivery through disciplined risk-based decision-making and close coordination with Government stakeholders. We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers. If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!
Requirements
- Active Top Secret security clearance with SCI eligibility required.
- 8+ years of experience in cybersecurity, including specialized experience supporting DoD and Intelligence Community environments.
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related technical field is strongly preferred. Relevant experience may substitute for education requirements.
- Possess DoD 8140 certification aligned to the 722 Information Systems Security Manager work role, such as Security+ or GSEC, SSCP, CAP, CASP+, CISSP, CCSP, CISM, CISSP-ISSMP, or GSLC.
- Demonstrated expertise applying the Risk Management Framework, including defining, implementing, and enforcing security requirements for programs, systems, or enclaves.
- Proven experience serving as the cybersecurity authority for a program or organization, with responsibility for security posture, compliance, and risk acceptance.
- Hands-on experience overseeing system authorization activities, continuous monitoring, security assessments, and control validation.
- Demonstrated experience drafting and revising security policies, procedures, and supporting documentation in compliance with applicable directives.
- Operational experience coordinating with system owners, engineers, auditors, and government stakeholders to manage risk and maintain authorization.
- Ability to contribute immediately with minimal ramp-up in a mission-critical operational environment.
- Required technical certifications include CISSP or CISM.
Responsibilities
- Serve as the primary cybersecurity authority for the program, owning program-level cybersecurity governance and RMF execution
- Lead control implementation, assessment, authorization, and continuous monitoring activities across systems and enclaves
- Coordinate directly with Government Authorizing Officials (AO), Security Control Assessors (SCA), and program leadership
- Oversee ATO issuance, maintenance, audits, POA&Ms, and security reporting using RMF tooling such as Xacta and SNAP
- Define, enforce, and validate cybersecurity requirements across contractor and partner teams
- Integrate cybersecurity controls and risk management into Agile and DevSecOps workflows
- Identify, assess, and proactively mitigate cybersecurity risk, providing risk-based recommendations to senior stakeholders
- Communicate security posture, risk, and compliance status clearly to executive and Government leadership to support informed decision-making
Benefits
- Health, dental, and vision insurance
- 401(k) retirement plan with company match
- Paid time off (PTO) and holidays
- Parental Leave and dependent care
- Flexible work arrangements
- Professional development opportunities
- Employee assistance and wellness programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
