HiringCafe
Posted 3mo ago

Information Systems Security Manager (ISSM) - SME

@ Avint
View All Jobs
Bedford, Massachusetts, United States
$165k-$175k/yrOnsiteFull Time
Responsibilities:support RMF, conduct risk, recommend policies
Requirements Summary:Active Top Secret clearance; Master’s degree; CISSP or equivalent; 15 years experience (5 in DoD); DoD RMF and cyber security expertise; on-site role.
Technical Tools Mentioned:NIST RMF, DoD directives, eMASS, AFI 33-200, AFI 33-210, AFMAN 33-285, RMF process
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Avint is hiring a Information Systems Security Manager (ISSM) - SME to support and protect critical DoD cloud-based systems. In this role, you’ll be part of a high-performing team responsible for implementing and overseeing all phases of the Risk Management Framework (RMF) while supporting day-to-day cybersecurity operations. You’ll work at the intersection of security, compliance, and mission impact, helping ensure systems are secure, resilient, and aligned with DoD and Air Force requirements.

*This role is 100% ON-SITE at Hanscom Air Force Base in MA*

*This role requires an ACTIVE Top-Secret clearance*

The individual in this role, will be a member of the team implementing and overseeing all phases of the RMF process and day-to-day cybersecurity activities for DoD cloud-based systems. Primary responsibilities are listed below.

  • Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF).
  • Recommending policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data.
  • Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
  • Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations’ visions and goals.
  • Conducting systems security evaluations, audits, and reviews.
  • Recommending systems security contingency plans and disaster recovery procedures.
  • Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
  • Participating in network and systems design to ensure implementation of appropriate systems security policies.
  • Facilitating the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes.
  • Assessing security events to determine impact and implementing corrective actions.
  • Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.
  • Perform the Information System Security Engineer (ISSE) duties in an Information Assurance Workforce System Architecture and Engineering (IASAE) position as outlined in AFI 33-200, AFI 33-210 and AFMAN 33-285 for assigned systems.
  • Perform the Information System Security Officer (ISSO) duties as outlined in DoDI 8510.01for assigned systems/applications.
  • Perform the Information System Security Manager (ISSM) duties as outlined in DoDI8510.01 for assigned systems/applications.