ECS

Senior Information System Security Manager (ISSM)

ECS | $120K — $150K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • U.S. Citizen with an Active Secret clearance, capable of obtaining TS/SCI.
  • 10+ years of experience in cybersecurity compliance for classified systems, specifically supporting DoD RMF and ATO maintenance.
  • Prior experience as ISSM, senior ISSO, or similar cybersecurity lead roles in federal environments.
  • Hands-on knowledge of eMASS or comparable RMF/GRC tools for artifact management and risk documentation.
  • Familiarity with cloud security processes, especially in Azure environments, and with tools like Trellix and ACAS.

Responsibilities

  • Serve as the senior cybersecurity authority for DISA-owned programs, providing guidance on RMF and compliance activities.
  • Lead cybersecurity operations in a DoD Azure environment with multiple mission enclaves and shared ATO boundaries.
  • Oversee execution of the cybersecurity program including compliance tracking, vulnerability management, and risk reporting.
  • Review and approve RMF and ATO artifacts, ensuring all security controls and documentation are in line with requirements.
  • Coordinate with technical teams to resolve security findings and ensure compliance with cybersecurity standards.
  • Prepare and present detailed security status updates and risk analyses to leadership and stakeholders.
  • Drive improvements in cybersecurity documentation, artifact management, and reporting processes.

Benefits

  • Hybrid work model with four onsite days at Ft. Meade and one remote day allowed weekly based on needs.
  • Opportunity to work on critical national security programs.
  • Be part of a focused cybersecurity team with a clear mission and values related to operational security.
  • Engagement in continuous improvement initiatives that enhance cybersecurity processes and metrics.
Full Job Description
Everforth ECS is seeking a Senior Information System Security Manager (ISSM) to work out of the customer site in Ft. Meade, MD.

Everforth ECS is seeking a seasoned Senior Information System Security Manager (ISSM) to support DISA-owned Impact Level (IL) IL6 programs in an operational DoW environment inside Microsoft's Isolated Secret Region (MS-ISR) that houses multiple U.S. Coalition Mission Partner Environments (MPE). This role operates in a hybrid onsite/remote capacity. The ISSM serves as the senior cybersecurity authority responsible for managing the cybersecurity program, overseeing risk and compliance, and maintaining the security posture of information systems within the authorization boundary.

This position is a fast-paced, mission-focused role that requires sound cybersecurity judgment, attention to detail, and the ability to both lead and execute authorization, compliance, and continuous monitoring activities across multiple enclaves in a dynamic Azure DoW environment. The ideal candidate has extensive ISSM experience supporting classified DoW programs, expert knowledge of RMF and NIST 800-53 controls, and familiarity with cyber tools such as ACAS, Trellix, and SIEM platforms. As part of a focused cybersecurity team, this role requires someone who can provide senior-level direction while also directly contributing to artifact review, risk documentation, control validation, POA&M management, and day-to-day ATO support, all within an organization that values operational security and contributes to national security. The Senior ISSM reports to the Senior Technical Program Manager.

Job Responsibilities:

  • Serve as the senior cybersecurity lead for the program, advising leadership while directly supporting RMF, ATO maintenance, risk management, and continuous monitoring activities across the Azure environment.
  • Lead:
    • Cybersecurity activities for a DoD Azure environment operating under a shared ATO boundary with multiple mission enclaves.
    • POA&M governance by reviewing open risks, validating remediation plans, tracking milestone progress, and ensuring closure evidence is complete and defensible.
  • Oversee day-to-day execution of the cybersecurity program, including security authorization documentation, compliance tracking, vulnerability management, control validation, and risk reporting.
  • Maintain overall accountability for the program's RMF posture, including ATO sustainment, continuous monitoring, POA&M management, and security control implementation.
  • Provide direction and support to the ISSO, Cyber Engineer, and Cyber Analyst while also contributing directly to artifact review, documentation updates, and risk management activities.
  • Review and approve RMF and ATO artifacts, including control implementation details, assessment evidence, POA&Ms, risk documentation, system diagrams, inventories, and continuous monitoring deliverables.
  • Ensure eMASS records remain accurate and current, including security controls, artifacts, assessment results, POA&Ms, milestones, and authorization package documentation.
  • Review vulnerability, STIG, ACAS, Trellix, and Sentinel data to assess risk, prioritize remediation, and communicate security posture to program leadership and government stakeholders.
  • Coordinate with engineers, system administrators, cloud teams, mission enclave stakeholders, and government cybersecurity personnel to resolve findings and maintain compliance.
  • Assess cybersecurity impacts of planned architecture, configuration, infrastructure, cloud, and boundary changes within the Azure environment.
  • Support:
    • Security control assessments, audit readiness, continuous monitoring reviews, and authorization package updates for classified systems.
    • Review of incident response activities, security events, and operational findings to ensure appropriate documentation, escalation, reporting, and follow-up.
  • Prepare and present cybersecurity status, risk summaries, POA&M metrics, vulnerability trends, compliance gaps, and ATO readiness updates to program and government leadership.
  • Serve as the primary cybersecurity point of contact for DISA government stakeholders, including DISA cyber teams, assessors, auditors, program leadership, and internal program teams supporting RMF, ATO, continuous monitoring, risk, and compliance activities.
  • Ensure cybersecurity documentation remains aligned with the operational environment, including enclave-specific mission needs, shared services, inherited controls, and authorization boundary considerations.
  • Drive continuous improvement of cybersecurity processes, documentation quality, artifact management, reporting, and coordination across the cyber team.
  • Other duties, as assigned.


  • U.S. Citizen.
  • Active Secret clearance with ability to obtain TS/SCI.
  • Active CISSP, CISM, GSLC, or other DoW 8140 IAM Level III certification.
  • Ability to work four days per week onsite at Fort Meade, MD, with one remote day per week permitted based on program needs and operational requirements.
  • 10+ years of experience supporting DoW RMF, ATO maintenance, continuous monitoring, security authorization documentation, and cybersecurity compliance for classified systems.
  • Prior ISSM, senior ISSO, security control assessor, or cybersecurity lead experience supporting DoW, DISA, or federal information systems.
  • Hands-on experience with eMASS or similar RMF/GRC platforms, including control documentation, artifact management, POA&M oversight, risk documentation, assessment results, and authorization package maintenance.
  • Experience leading or directly supporting the full RMF lifecycle, including control implementation, evidence validation, security assessment support, risk management, POA&M governance, and ATO sustainment.
  • Strong working knowledge of NIST SP 800-53 controls, DoW RMF processes, continuous monitoring requirements, and cybersecurity assessment documentation.
  • Experience supporting cloud authorization activities involving inherited controls, shared services, interconnections, federation, or boundary changes.
  • Experience reviewing, validating, and approving DISA STIG artifacts, vulnerability evidence, remediation plans, mitigations, and closure documentation.
  • Experience overseeing vulnerability management activities using ACAS/Nessus, including scan results review, remediation prioritization, POA&M alignment, and risk reporting.
  • Familiarity with endpoint security, SIEM, and cyber monitoring tools such as Trellix, Microsoft Sentinel, or similar platforms.
  • Practical understanding of secured IT infrastructure, particularly Windows, RHEL, and Azure environments, with the ability to evaluate how network, identity, server, endpoint, authentication, logging, and core service components affect security, compliance, and authorization posture.
  • Experience coordinating directly with government cybersecurity stakeholders, assessors, auditors, technical teams, and program leadership on RMF, ATO, risk, and compliance activities.
  • Ability to translate technical security findings, vulnerabilities, control gaps, and operational risks into clear risk-based recommendations for leadership and government stakeholders.
  • Strong written and verbal communication skills, including the ability to develop, review, and present cybersecurity documentation, risk summaries, POA&M status, compliance metrics, and authorization package materials.
  • Ability to provide senior-level direction to ISSOs, cyber engineers, analysts, and technical teams while also contributing directly to day-to-day cybersecurity execution.
  • Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
  • Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).

About ECS

ECS is a leading provider of digital solutions and services to the federal government. The company was founded in 2001 by Roy Kapani and has since grown to become a trusted partner to a wide range of government agencies. ECS offers a broad range of services, including cloud computing, cybersecurity, and artificial intelligence. The company has been recognized for its innovative solutions and has won numerous awards, including the AWS Public Sector Partner of the Year award.
Size: 2,000 employees