OverviewThe Information Systems Security Manager (ISSM) is responsible for the management, oversight, compliance, and security posture of classified information systems supporting Department of Defense (DoD) programs and contracts. The ISSM serves as the organization's principal authority for classified cybersecurity and works closely with government customers, DCSA representatives, program managers, and external vendors to ensure compliance with DoD cybersecurity and classified information handling requirements.
The ISSM will lead the design, implementation, accreditation, and ongoing management of classified information systems supporting Department of Defense (DoD) programs, as well as establishing a new SIPRNet-capable classified computing environment from initial planning through Authorization to Operate (ATO) and sustainment.
This role requires a hands-on leader capable of building classified infrastructure, developing security documentation, managing Risk Management Framework (RMF) activities, implementing technical controls, and maintaining compliance with all applicable government regulations.
ResponsibilitiesInformation System Security Management- Serve as the designated ISSM for classified information systems supporting DoD contracts and programs
- Develop, implement, and maintain system security policies, procedures, and documentation
- Ensure compliance with NISPOM, DAAG, RMF, and applicable government security requirements
- Maintain system authorization packages and support Authorization to Operate (ATO) efforts
- Coordinate with government Authorizing Officials (AO), Security Control Assessors (SCA), Information System Owners (ISO), and cybersecurity stakeholders
SIPRNet Enclave Development & Implementation- Lead the planning, design, and deployment of a new SIPRNet-connected infrastructure
- Coordinate with government sponsoring agencies, DISA, and program stakeholders to establish classified network connectivity
- Develop enclave architecture supporting classified processing, storage, and transmission requirements
- Define and implement security boundaries, network segmentation, and defense-in-depth controls
- Coordinate procurement, installation, and configuration of classified IT infrastructure
- Ensure all SIPRNet infrastructure complies with DISA and customer requirements
COMSEC Program Management- Serve as the COMSEC Account Manager and primary point of contact for all COMSEC-related matters involving classified communications systems
- Manage the COMSEC program in accordance with National Security Agency (NSA), DoD, and customer-specific requirements
- Develop COMSEC policies, procedures, and local operating instructions to support classified network operations
- Ensure proper safeguarding, accountability, storage, transfer, destruction, and inventory of COMSEC material
- Maintain compliance with applicable Communications Security policies, regulations, and inspection requirements
Incident Response- Investigate cybersecurity incidents affecting classified systems
- Coordinate reporting and response activities in accordance with DoD and DCSA requirements
- Support forensic preservation, root-cause analysis, and corrective action implementation
- Maintain incident documentation and reporting records
Audits and Inspections- Prepare systems and supporting documentation for DCSA inspections, customer assessments, and cybersecurity audits
- Support internal and external compliance reviews
- Respond to findings and ensure timely corrective actions
- Maintain audit-ready security records and accreditation artifacts
Security Awareness and Training- Provide cybersecurity guidance to program personnel and system users
- Deliver security awareness training related to COMSEC and handling classified information systems
- Mentor Information System Security Officers (ISSOs) and administrators on compliance requirements and best practices
- Uphold the company's core values of Integrity, Innovation, Accountability, and Teamwork
- Demonstrate behavior consistent with the company's Code of Ethics and Conduct
- It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem
- Duties may be modified or assigned at any time to meet the needs of the business
Qualifications- Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Engineering, or related discipline preferred. Equivalent military or industry experience may be substituted
- 8+ years supporting classified information systems in DoD or Intelligence Community environments.
- 5+ years serving as ISSM or senior ISSO
- Demonstrated experience standing up classified networks or SIPRNet environments.
- Experience leading RMF authorization efforts from system inception through ATO.
- Experience working directly with:
- DISA
- DCSA
- Government cybersecurity offices
- Defense contractors
- Experience supporting secure facility buildouts and classified infrastructure deployments
Security Clearance• Active Secret Clearance required
• TS eligibility preferred
Certifications Required (one or more):
- CISSP
- CASP+
- CISM
- Security+
- CEH
- GSLC
- CCSP
- CAP (Certified Authorization Professional)
Must meet DoD 8570 / 8140 workforce requirements applicable to the position
Preferred Qualifications- Previous experience building SIPRNet enclaves from inception or supporting them.
- Experience with DISA connection approval processes.
- Experience supporting classified cloud or hybrid environments.
- Experience with Cross Domain Solutions (CDS).
- Prior military cyber, communications, intelligence, or network operations experience
Please review our benefits here: Life at OSIPay may range from $145,000 to $155,000 annually
The pay range above represents annual base salary only. Final compensation will be determined based on factors such as your job level, geographic location, date of hire, experience, job-related knowledge and skills, and education in conjunction with market and business considerations.
Base salary is one component of your total rewards package. You may be eligible for long-term incentives, potential discretionary bonuses, and the ability to purchase company stock at a discounted rate through the Employee Stock Purchase Program (ESPP). OSI also offers comprehensive benefits including various options for health plans, access to 401(k) retirement plan, health savings account, disability insurance, life insurance, AD&D insurance, leave of absence programs and an array of voluntary benefits. In addition, paid time off is offered to be used for vacation, holidays, bereavement, and jury duty. Full-Time salaried employees are entitled to flexible time-off.