Information Systems Security Manager

Job Description:

The Information Systems Security Manager is responsible for managing and overseeing the cybersecurity posture of assigned information systems in compliance with Department of Defense (DoD) and federal cybersecurity regulations. This role requires expertise in the Risk Management Framework (RMF) and Assessment & Authorization (A&A) processes, ensuring systems maintain Authority to Operate (ATO) status while protecting the confidentiality, integrity, and availability of information assets. Advanced proficiency in Enterprise Mission Assurance Support Service (eMASS) is required to manage, document, and submit system security packages.

Key Responsibilities:

  • Lead and manage the implementation of RMF processes for assigned systems, including categorization, security control selection, implementation, assessment, authorization, and continuous monitoring.
  • Oversee and coordinate all A&A activities to achieve and maintain system accreditation in accordance with DoD and federal guidelines.
  • Utilize eMASS to input, update, and track all required RMF security package documentation, ensuring accuracy and completeness.
  • Prepare and submit required eMASS artifacts for accreditation and re-accreditation of systems, including package validation prior to submission to the Authorizing Official (AO).
  • Develop, maintain, and update System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and other required cybersecurity documentation.
  • Monitor systems for security vulnerabilities, incidents, and compliance gaps, implementing corrective actions as necessary.
  • Collaborate with ISSOs, system administrators, network engineers, and program stakeholders to integrate cybersecurity requirements into design, development, and operational processes.
  • Conduct periodic self-inspections and security reviews to ensure compliance with applicable security policies, procedures, and standards.
  • Serve as the primary liaison between the organization, Authorizing Official (AO), and security assessors during the A&A process.
  • Provide security guidance and training to technical teams, users, and management to promote a strong security culture.
  • Stay current on emerging threats, vulnerabilities, and evolving cybersecurity requirements to proactively strengthen system defenses.

Qualifications:

  • Active Security+ certification required; CISSP certification preferred.
  • Advanced proficiency in eMASS and experience with DoD RMF and A&A processes.
  • Active DoD Secret clearance required.
  • Experience working with classified and unclassified systems and data.
  • Strong communication and collaboration skills.

Work Location and Hybrid Work Arrangement:
The primary place of performance for this position is Northern Virginia. On-site presence is required for scheduled meetings, coordinated sessions, and mission-critical activities as determined by leadership. Outside of these requirements, the role supports telework in accordance with organizational policies and mission needs. Additional work locations may be determined in coordination with the government, as necessary.

Compensation:

  • Competitive Salary
  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Disability Insurance
  • 401K

Job Category: Information Systems Security Manager
Job Type: Full Time
Job Location: Hybrid
