Overview

Information Systems Security Manager (ISSM)

Location: Hurlburt Field, FL, JBSA, TX, and Keesler AFB, MS

Job Status: Full time 

Clearance: Top Secret

Astrion has an exciting opportunity coming up for an ISSM to join our team and support the 39th Information Operations Squadron (39 IOS).

We are preparing to hire for Journeyman, Senior, and SME levels. We anticipate a start date in March/April 2026.

Cyber Operations Formal Training Support III (CyOFTS III) is a Cyber Schoolhouse program supporting delivery, development, and sustainment of cyber training across operationally relevant mission sets. The team supports instruction, curriculum and content development, training operations, and program execution at multiple Air Force and joint training locations. 

REQUIRED QUALIFICATIONS / SKILLS 

• Active Top Secret clearance 

• IAT/M Level III certification

• Education and Experience will depend on the labor category level.
  • Previous Information System Security experience is required.

RESPONSIBILITIES

• Perform Information Systems Security Manager duties consistent with the labor category and required RMF experience.
• Support Risk Management Framework (RMF) activities consistent with the required experience timeframe.
• Support functions aligned to DCWF work roles (Information Systems Security Manager; Security Control Assessor; Cyber Defense Incident Responder) as applicable.
• You will understand cybersecurity concepts and methodologies at the professional level with knowledge equivalent to: Certified Information Systems Security Professional, or similar certifications.
• You will direct, oversee, and manage and perform records management for all Account Forms including, but not limited to: Authorized User Agreements and associated user forms for all networks required for duty at the 39 IOS, System Authorization Access Requests, Privileged User Agreements, 8570/8140 validation, Operating System Certification validation, and associated user forms.
• You will manage and update MICT checklists for assigned programs including, but not limited to: Privileged User, 17-1301 COMPUSEC, and 17-101 RMF.
• You will verify Cybersecurity Awareness training for all students as well as maintaining appointment letters for Program Managers, ISSO, ISSM, ISSE, Systems Administrators, Client Systems Technicians, and Cybersecurity Liaisons.
• You will ensure equipment inspection prior to entry and exit of the facilities and ensure entry and exit logs are accomplished as well as overseeing and performing wireless scanning throughout the facility to ensure no rogue activity.
• You will review, update, and enforce Media Control policy including, but not limited to: Issuing and tracking removable media and ensuring media sanitization along with reviewing equipment purchase requests to ensure items are on approved products listings and meet requirements to enter the facilities.
• You will direct and conduct network audits and review vulnerability scans on all networks used by the 39 IOS as well as responding to any vulnerabilities appropriately while overseeing and performing COMPUSEC and Information Security (INFOSEC) duties.
• You will validate administrator accounts on all networks and respond to any discrepancies appropriately by monitoring, validating, and reporting administrators 8570/8140 certification status.
• You will respond to incidents and oversee response and reporting to include but not limited to: performing random walkthroughs, bag inspections with the Security team and review, update, and enforce contingency plan policy
• You will ensure cybersecurity marking and standards enforcement including but not limited to: Classification stickers and markings on all systems, Bomb threat aids posted by all phones, and Combined Security Cards are posted by all workstations.
• You will answer all TASKORDS/ taskers by MAJCOM for action on unit owned networks including but not limited to: vulnerability remediation and data calls.
• You will oversee the Risk Management Framework (RMF) process for all networks owned and operated by the 39 IOS including, but not limited to: answer data calls, prepare system package, categorize system by guiding documents, select security controls for risk mitigation, implement security controls, assess security control effectiveness, monitor system and update accreditation package, Security Impact Analysis (SIA) submissions for tenants requesting changes and install of new software, and respond to and coordinate requirements for accreditation package not owned by the squadron.
• You will order, issue, manage, and account for all tokens granting access to networks to include auditing and inventorying the issuance of student user tokens.
• You will manage the Cybersecurity Liaison program for the squadron under the direction of the Wing Cybersecurity Office by reviewing, updating, and enforcing the Security Concept of Operations (SECONOPS) policy
• Maintain and apply required IAT/M Level III certification within the scope of assigned duties.