Modern Technology Solutions, Inc. (MTSI) is seeking an Information System Security Manager (ISSM) with a TS/SCI Clearance at Wright-Patterson AFB, Ohio. MTSI is known for its interesting work, values that prioritize employees, and a 100% employee ownership model. The company offers great benefits, including starting PTO accrual, flexible schedules, a 401k match, and tuition reimbursement. Founded in 1993, MTSI has a track record of success and provides high-demand technical expertise in various fields including Cybersecurity and Mission Assurance.
Job Summary: We are seeking a skilled and proactive Information System Security Manager (ISSM) to support our critical DoD programs. The successful candidate will be instrumental in ensuring the confidentiality, integrity, and availability of highly sensitive information systems within various DoD environments, including Special Access Programs (SAP) and Sensitive Compartmented Information (SCI). You will primarily focus on implementing the Risk Management Framework (RMF) process, developing and maintaining Authorization to Operate (ATO) packages, and providing cybersecurity guidance to ensure compliance with stringent government regulations.
Key Responsibilities:• Support all phases of the DoD Risk Management Framework (RMF) lifecycle, from system categorization and security control selection to implementation, assessment, authorization (ATO), and continuous monitoring.
• Develop, review, and maintain comprehensive Authorization to Operate (ATO) packages, including System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), vulnerability assessment reports, and other supporting documentation.
• Conduct thorough system evaluations and security assessments to identify vulnerabilities, assess risks, and ensure compliance with DoD, USAF, and NIST regulations and policies.
• Develop, write, and update cybersecurity policies, procedures, and guidance documents to maintain a strong security posture for organizationally maintained systems.
• Provide cybersecurity guidance and support to development environments.
• Collaborate effectively with various stakeholders, including Security Control Assessors (SCAs), Program Security Officers (PSOs), Special Security Officers (SSOs), Authorizing Officials (AOs), and their designated representatives.
• Support the secure operation of information systems across various classification levels: Special Access Programs (SAP), Sensitive Compartmented Information (SCI), Secret, and Controlled Unclassified Information (CUI) environments.
Required Qualifications:• Experience: Minimum of ten (10) years of progressive experience in DoD cybersecurity to include direct support of SAP and/or SCI environments.
• Certifications: Possess at least one of the following baseline certifications, meeting DoD 8570.01-M / 8140.03 IAT Level II or IAM Level I/II requirements:
- CompTIA CASP+
- GIAC Certified RMF Practitioner (CGRC) / ISC2 Certified Authorization Professional (CAP) or equivalent.
• Clearance: Active Top Secret (TS) security clearance with current eligibility for Special Access Programs (SAP) and Sensitive Compartmented Information (SCI).
• Expertise:
- In-depth understanding and practical experience with the DoD Risk Management Framework (RMF) process.
- Strong knowledge of DoD, USAF, and NIST cybersecurity regulations, policies, and guidelines, including the Joint Special Access Program (SAP) Implementation Guide (JSIG).
- Experience with system evaluations, vulnerability management, and security posture assessments.
- Proficiency in writing clear, concise, and comprehensive cybersecurity policies, procedures, and technical documentation.
• Physical Requirements: Ability to lift up to 50 lbs.
Preferred Qualifications:• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related technical field.
• Advanced cybersecurity certification such as CISSP, CISM, or equivalent (meeting IAM Level III requirements).
• Experience supporting DoD classified guest systems.
• Familiarity with obtaining L-Numbers for system authorizations.
• Experience with Air Force Form 1067, Information Technology Network Request - (ITNR) processes for system changes.
• Understanding of DevSecOps environments and Continuous Integration/Continuous Delivery (CI/CD) pipelines.
• Familiarity with log management and SIEM tools.
Working Conditions:• This is a 100% on-site position.
• Occasional travel may be required to support mission requirements or attend training.
#LI-ZS1
