Description:
Sonalysts, Inc. is seeking an Information Systems Security Manager (ISSM) with critical thinking and effective communication skills to join our system development team responsible for mission-critical, training, and real-time military software applications that will be deployed in commercial and/or private environments.
The ISSM position will require the potential partner to work on-site in Colorado Springs, CO and may require some travel in support of the project.
Submission Deadline: August 22, 2025
Prompt responses are encouraged because the deadline could be accelerated or delayed if, in our judgement, either is warranted.

REQUIRED QUALIFICATIONS:

• Must be a U.S. Citizen, possessing an active U.S. Department of Defense (DoD) SECRET security clearance *
• Bachelor’s degree in an Information Technology-related field and five years of relevant information systems security experience; or ten years’ relevant Information Systems security experience
• Hold a current DOD Information Assurance Workforce (IAWF) Level II (or higher) IAM or IAT certification(s) (e.g., GSEC, Security+, SSCP, CCNA-Security, CISA, CISM, GCIH, CGED, CISSP, CASP)
• Experience in Enterprise Mission Assurance Support Service (eMASS) to manage RMF packages

Preferred, but not required, experience in the following:

• Possessing an active U.S. Department of Defense (DoD) TOP SECRET security clearance*
• A Level III DoD IAWF Certification
• Working knowledge of Microsoft Active Directory, including Group Policy Operations.
• Experience with administration of Microsoft Windows Server 2016 (or higher)
• Experience with administration of Microsoft Windows 10 (or higher)
• Experience with Red Hat Enterprise Linux OS
• Experience creating, maintaining, enforcing, training Security policies
• Experience communicating security policy and concepts to leadership and differing experience levels
• Experience with security administration of a DoD classified network/information system.
• Experience with network monitoring, testing and troubleshooting tools/utilities
• Working knowledge of Microsoft SQL server
• Experience with vulnerability scanning tools and techniques (Nessus/ACAS, Nmap, Eye Retina, Nexpose, Metasploit), Security Information and Event Management (SIEM) tools (Splunk, ArcSight, etc.) and techniques
• Knowledgeable in the use of scripting languages/tools to automate information system administration and security functions (Shell Script, PowerShell, Python, Bash etc.)
• Experience with Security Content Automation Protocol (SCAP) tools
• Experience with STIG Viewer
• Maintaining a U.S. Government security clearance involves a comprehensive background check. Candidates are eligible for a clearance if they have demonstrated sound financial management (including good credit) over time, are free of criminal records, have limited foreign contacts or ties, and other factors indicative of a position of trust to protect information sensitive to the U.S. Government.

Sonalysts, Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against on the basis of, race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, disability, or other basis protected by law.
Drug Testing Employer
www.sonalysts.co

• Leading and Managing assigned Information Systems Security professionals.
• The ISSM leads the planning, organization, maintenance and information systems security compliance of classified information systems in accordance with the NISPOM, Risk Management Framework (RMF), DCSA Assessment & Authorization Process Manual, and DoD component-specific security requirements.
• Responsible for a growing and complex portfolio of systems each with their own unique requirements and projects
• Identifying, managing and resolving information system vulnerabilities by performing vulnerability scans, analyzing results, and implementing remediation actions.
• Maintaining up-to-date Plan of Action and Milestones (POA&M)
• Maintains information system security plans, contingency plans, incident response plans, and other critical processes for all systems under their responsibility
• Monitors day-to-day server and network security operations and personnel
• Maintaining documentation used to support audits and inspections
• Accountable for inventory of hardware and software
• Leads Configuration Control Board (CCB) and configuration management activities for all systems under their responsibility
• Communicating daily with project stakeholders (software developers, testers, etc.) to ensure business events and activities are supported
• Installing, configuring, upgrading software, troubleshooting and resolving network/computer/peripheral issues as needed
• Occasionally traveling to receive training or to complete system installations