JOB DESCRIPTION:

The ISSM is responsible for supporting the implementation of Information Assurance (IA) policy, regulatory compliance, and training requirements for assigned Project Office. You will ensure full implementation of the Information Assurance Vulnerability Management (IAVM) program, to include dissemination, reporting, and compliance procedures. Additionally, the ISSM will perform risk analyses and risk assessments, and ensure all Information Systems (IS) within the assigned Project Office are certified and accredited, as required by DoD and Army regulations and policy.
Position Responsibilities:

The successful candidate will work independently with minimal supervision and will be responsible for the following:

• Collaborate with system developers for each assigned system to gather and review security design and configuration details, enclave boundary defense strategies, vulnerability and incident management documentation, and all required Risk Management Framework (RMF) materials to ensure a compliant cybersecurity architecture.
• Ensure all assigned systems meet the requirements outlined in the contract’s Performance Work Statement (PWS), delivering solutions with a robust and compliant security baseline and architecture.

QUALIFICATIONS:

Required:

• Minimum of 7 years of relevant experience in cybersecurity, information assurance, or system security engineering.

  · A current, active Top Secret Clearance is required at time of hire.

• Hands-on experience with DoD and Army cybersecurity policies, RMF processes, and IA compliance requirements.

• Demonstrated ability to work independently and collaboratively with cross-functional teams to ensure secure system delivery.
• Ability to obtain an IAM Level III certification (e.g., CISSP, CISM, GSLC) withing six months of hire, in accordance with DoD 8570.01-M requirements.
• Willingness and ability to travel up to 25% to various CONUS locations as required by project needs.

Preferred:

• Bachelor’s degree (or equivalent experience) in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related technical discipline.
• Relevant certifications (e.g., CISSP, Security+, CEH, or CISM) are a strong plus and may substitute for formal education.

• Collaborate with system developers for each assigned system to gather and review security design and configuration details, enclave boundary defense strategies, vulnerability and incident management documentation, and all required Risk Management Framework (RMF) materials to ensure a compliant cybersecurity architecture.
• Ensure all assigned systems meet the requirements outlined in the contract’s Performance Work Statement (PWS), delivering solutions with a robust and compliant security baseline and architecture