Information Systems Security Manager (ISSM)

Entarian

$154K — $192K *
Information Technology
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • Active Top Secret security clearance with SCI eligibility
  • Bachelor's degree in Cybersecurity, IT, Computer Science, Engineering, or related field; equivalent experience considered
  • 15+ years in cybersecurity, information assurance, or system security activities in DoD or federal environments
  • 15+ years implementing and managing the RMF, including NIST standards and DoD processes
  • Experience leading ATO, IATT, and continuous monitoring for classified systems
  • Supervisory/mentorship experience with ISSOs or cybersecurity teams
  • Proven understanding of secure systems engineering, vulnerability and risk management

Responsibilities

  • Exercise cybersecurity management authority over assigned systems, ensuring security requirements are monitored throughout their lifecycle
  • Lead and manage the RMF lifecycle, including system categorization and risk management
  • Oversee and coordinate various authorization activities such as IATT and ATO
  • Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), and other documentation
  • Provide technical oversight and mentorship for ISSOs in daily operations
  • Liaise with Authorizing Officials and stakeholders, communicating system risk and compliance
  • Conduct and oversee risk assessments, vulnerability assessments, and remediation planning

Benefits

  • Health, dental, and vision insurance
  • Life insurance and disability coverage
  • 401(k) plan with company match
  • Paid time off and holiday leave
  • Professional development and training opportunities
  • Flexible work arrangements and remote work options
Full Job Description
Overview / Job Responsibilities

Position is contingent upon contract award and funding.

Entarian is seeking an experienced Information System Security Manager (ISSM) responsible for ensuring the cybersecurity posture, compliance, and accreditation of assigned information systems in accordance with applicable government and organizational requirements. The ISSM serves as the cybersecurity authority for assigned systems, providing strategic oversight of security engineering, risk management, and compliance activities throughout the system lifecycle. This role serves as the primary interface between technical teams, Information System Security Officers (ISSOs), system owners, engineering organizations, and the Authorizing Official (AO), ensuring cybersecurity requirements are effectively integrated into system design, development, implementation, and sustainment.

The ideal candidate will have demonstrated experience supporting large-scale defense or space environments involving space systems, ground infrastructure, mission operations, communications networks, cloud environments, or enterprise information technology capabilities.

Key responsibilities may include, but are not limited to:
  • Exercise cybersecurity management authority over assigned information systems, ensuring security requirements are effectively implemented, maintained, and continuously monitored throughout the system lifecycle.
  • Lead and manage the complete Risk Management Framework (RMF) lifecycle, including system categorization, security control selection and implementation, assessment, authorization, continuous monitoring, and ongoing risk management.
  • Oversee and coordinate Interim Authorization to Test (IATT), Authorization to Operate (ATO), Authorization to Connect (ATC), and other authorization activities, ensuring timely development, submission, and maintenance of accreditation packages.
  • Develop, maintain, and review System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), security policies, procedures, continuous monitoring documentation, and other RMF artifacts.
  • Provide technical oversight, mentorship, and quality assurance for Information System Security Officers (ISSOs) supporting day-to-day cybersecurity operations.
  • Serve as the primary cybersecurity liaison with the Authorizing Official (AO), Security Control Assessor (SCA), system owners, and government stakeholders, providing clear communication regarding system risk, compliance status, vulnerabilities, and authorization recommendations.
  • Conduct and oversee cybersecurity risk assessments, vulnerability assessments, security impact analyses, remediation planning, and POA&M management to reduce organizational risk.
  • Coordinate with system administrators, network engineers, software developers, systems engineers, cloud engineers, and mission partners to ensure security controls are effectively implemented and maintained.
  • Review proposed system changes, architecture modifications, software releases, and technology insertions to evaluate cybersecurity impacts and maintain accreditation.
  • Support cybersecurity engineering activities throughout system design, integration, testing, deployment, and sustainment.
  • Prepare for and support cybersecurity audits, inspections, assessments, and compliance reviews conducted by government organizations and external assessors.
  • Support incident response activities, cybersecurity investigations, and reporting requirements while ensuring appropriate documentation and corrective actions are completed.
  • Develop and deliver cybersecurity awareness guidance and training for system users and technical personnel.
  • Prepare executive-level cybersecurity briefings, risk assessments, compliance reports, and technical recommendations supporting senior government decision-makers.


Salary range: $154,000.00 - $192,000.00

Minimum Qualifications

  • Active Top Secret security clearance with SCI eligibility.
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related technical discipline. Equivalent experience may be considered.
  • Minimum fifteen (15) years of experience supporting cybersecurity, information assurance, or information system security activities within Department of Defense, Intelligence Community, or other federal environments.
  • Minimum fifteen (15) years of experience implementing and managing the Risk Management Framework (RMF), including NIST SP 800-37, NIST SP 800-53, CNSSI guidance, and DoD authorization processes.
  • Demonstrated experience leading Authorization to Operate (ATO), Interim Authorization to Test (IATT), and continuous monitoring activities for classified or mission-critical information systems.
  • Demonstrated experience supervising, mentoring, or managing Information System Security Officers (ISSOs) or cybersecurity teams.
  • Strong understanding of secure systems engineering principles, vulnerability management, configuration management, and cybersecurity risk management.
  • Experience supporting cybersecurity activities across complex enterprise, cloud, communications, mission operations, or space systems environments.
  • Experience coordinating with system owners, engineering organizations, cybersecurity stakeholders, and government authorizing officials.
  • DoD 8140 (or legacy DoD 8570) compliant cybersecurity certification such as CISSP, CISM, CAP, Security+, or another qualifying certification.
  • Proficiency with Microsoft Office Suite, including Word, PowerPoint, Excel, Project, and Outlook.
  • Ability to travel approximately 25% to support customer locations, mission partner engagements, cybersecurity assessments, and operational activities.


Desired Qualifications

  • Experience serving as an ISSM for classified Department of Defense, Intelligence Community, or U.S. Space Force information systems.
  • Experience working directly with an Authorizing Official (AO), Security Control Assessor (SCA), Designated Authorizing Official Representative (DAOR), or similar cybersecurity governance authority.
  • Experience supporting cloud security, hybrid cloud environments, DevSecOps, Zero Trust initiatives, or continuous Authorization to Operate (cATO) implementations.
  • Experience supporting classified, SAP, SCI, or other controlled operational environments.
  • Familiarity with Enterprise Mission Assurance Support Service (eMASS), ACAS, HBSS/ESS, Microsoft Defender, Tenable, or comparable cybersecurity management tools.
  • Excellent written and verbal communication skills with the ability to brief senior government leadership and communicate cybersecurity risk to both technical and non-technical stakeholders.
  • Strong leadership, organizational, and cross-functional collaboration skills with experience supporting multidisciplinary engineering teams.


Join the Mission and Start Your Career Journey: Apply directly via our Careers Portal.

Connect, Referrals & Inquiries? Email the team: [email protected]
