Cybersecurity – Information System Security Manager (ISSM)

Cybersecurity – ISSM to lead the implementation and sustainment of DFARS/NIST SP 800-171 and CMMC controls for systems handling CUI, ensuring continuous compliance, risk management, and program management across a large portfolio. Develop and maintain security documentation (SSP and POA&Ms), coordinate audits/remediation with program stakeholders and assessors, and drive ongoing monitoring to protect CUI per DFARS 252.204-7012 and CMMC requirements. Responsibilities include leading ISSOs in governance of CUI/DFARS/CMMC, performing security analyses of environments, overseeing configuration management and system auditing, guiding assessments with test data to document compliance, conducting risk assessments and incident response activities, conducting inventories of hardware/software, and advising management and customers on advanced cybersecurity research. Interfaces with government customers, suppliers, and internal teams to ensure understanding and compliance with cybersecurity requirements. Required IAM Level III certification and 5+ years RMF experience; preferred RMF tool experience (NESSUS, ACAS, DISA STIGs, SCAP, HBSS) and prior ISSO/ISSM experience on classified programs.