We are seeking a highly skilled and experienced Information Systems Security Manager (ISSM) to join our team in Arlington, VA. The ideal candidate will have a strong background in cybersecurity policy implementation, particularly in compliance with NIST standards, Risk Management Framework (RMF), and the Federal Information Security Management Act (FISMA). The ISSM will play a critical role in ensuring the security and integrity of our organization's information systems and networks.
Recently awarded Contract - Good for the next 5 years
Location: Arlington, VA (Fully On-Site)Clearance Requirement: Top Secret (TS) Clearance and Sensitive Compartmented Information (SCI) Eligibility - Prefer current SCICertification Requirement: IAT Level 3 Certified

Responsibilities:Cybersecurity Policy Implementation: Develop, implement, and maintain cybersecurity policies, procedures, and guidelines in compliance with NIST, RMF, and FISMA regulations.Security Compliance: Ensure compliance with all applicable cybersecurity regulations, directives, and standards, including but not limited to NIST SP 800-53, NIST SP 800-171, and FISMA requirements.Risk Management: Conduct risk assessments and develop risk mitigation strategies to address vulnerabilities and threats to information systems and networks.Security Assessments and Authorization: Manage the security assessment and authorization (SA&A) process in accordance with RMF guidelines, including system categorization, security control selection, implementation, assessment, and authorization.Security Controls Implementation: Oversee the implementation and configuration of security controls to safeguard information systems and ensure compliance with security requirements.Incident Response: Develop and maintain incident response plans and procedures. Coordinate incident response activities and investigations as necessary.Security Training and Awareness: Develop and deliver cybersecurity training and awareness programs to educate personnel on security best practices and procedures.Continuous Monitoring: Implement and maintain continuous monitoring processes to detect and respond to security incidents and changes in the security posture of information systems.Security Documentation: Develop and maintain security documentation, including system security plans (SSPs), security assessment reports (SARs), and Plan of Actions and Milestones (POA&Ms).Security Clearance Management: Manage security clearance processes and ensure compliance with government regulations regarding personnel security clearances.