"Alerted.org

Job Description

We are seeking an experienced Information System Security Manager (ISSM) or Information System Security Officer (ISSO) to support classified programs and ensure compliance with DoD cybersecurity policies and Risk Management Framework (RMF) requirements. This role involves implementing Assessment and Authorization (A&A) processes, maintaining system authorizations, conducting audits, and supervising security teams. The ideal candidate will have deep expertise in RMF, security tools, and compliance documentation, as well as strong leadership and communication skills for managing security operations and presenting technical reports.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Skills and Requirements

5+ years of experience with DoD cybersecurity policies and RMF implementation (e.g., NIST SP 800 series, CNSSI 1253).

Prior experience as an ISSO or ISSM supporting classified programs.

Experience assessing and documenting test or analysis data to demonstrate cybersecurity compliance.

3+ years of hands-on experience with RMF security tools and systems, including:

NESSUS

ACAS

DISA STIGs

Audit Tools

ESS

eMASS

PPS

Ability to perform security analysis of operational and development environments, threats, vulnerabilities, and interfaces.

Experience implementing A&A processes under RMF for new and existing systems.

Ability to maintain current Authorization to Operate (ATO) and Approval to Connect (ATC), and implement corrective actions from POA&M.

Experience facilitating MOUs, ISAs, and Risk Acceptance Letters.

Ability to develop and execute an Information System Continuous Monitoring (ISCM) strategy.

Experience auditing systems for security posture integrity and conducting compliance assessments.

Strong skills in risk assessment, incident response coordination, and recommending risk mitigations.

Ability to supervise security program development and deployment to meet enterprise requirements.

Experience managing teams to execute RMF effectively.

Strong communication skills for preparing, reviewing, and presenting technical reports and briefings. Experience with hardware/software inventory assessments.

Familiarity with DoD PPS Category Assurance List (CAL) and PPS Vulnerability Assessment reports.

Prior experience coordinating and participating in security audits and assessments.

Knowledge of registrar duties for ports, protocols, and services (PPS), including exception management and annual reviews.

Leadership experience in managing cybersecurity compliance for multiple systems.