Information Systems Security Manager

Our Culture

DZYNE Technologies, we foster an environment that nurtures and rewards innovative thinking. We believe in the power of collaboration, where diverse perspectives are valued and respected, leading to innovative solutions and remarkable achievements. Our leaders lead by example, demonstrating and modeling our core values of emotional intelligence, teamwork, innovation, integrity, productivity, customer service, and a genuine commitment to the success of every individual. We celebrate our wins, big and small, and foster a sense of camaraderie through team activities, quarterly awards, and an end-of-the-year company holiday party. Our company culture is more than just words; it is a lived experience you’ll only get here at DZYNE.

Position: Information Systems Security Manager

Location: Irvine, CA, Fairfax, VA or Boise, ID – Onsite Required

Travel: Travel between our Irvine, CA, Boise, ID, and Fairfax, VA facilities may be required (25%)

Position Description:

DZYNE Technologies, Inc. is seeking a highly skilled Information Systems Security Manager (ISSM) to lead and oversee program-facing Information System (IS) security efforts across classified and unclassified environments. This position will be responsible for ensuring the security and compliance of both on-premises and cloud-based systems, including Microsoft Azure GCC High and Amazon AWS GovCloud, for a variety of government programs.

Reporting to the VP, Information Technology and Security, the ISSM will play a critical role in secure system design, compliance, and accreditation while also integrating DevSecOps best practices into engineering workflows. The ideal candidate will have extensive experience obtaining and maintaining Authority to Operate (ATO) approvals, working within the Risk Management Framework (RMF) to ensure compliance with NISPOM (32 CFR), DAAPM, ICD 503, STIGs, Joint Special Access Program Implementation Guide (JSIG), and associated NIST publications. The primary software development environment is GitLab in Azure GCC High, requiring expertise in securing CI/CD pipelines, repository management, and software deployment in regulated cloud environments.

Required Skills and Responsibilities:

• Lead ATO processes, including the development, submission, and maintenance of security documentation (SSPs, POA&Ms, Risk Assessments, and continuous monitoring plans)
• Develop and implement secure system architectures for classified and unclassified environments, including on-premises networks and cloud platforms (Microsoft Azure GCC High, AWS GovCloud)
• Administer and maintain security controls for cloud-based systems, ensuring compliance with government security requirements (FedRAMP, NIST 800-171, CMMC, JSIG, ICD 503, and STIGs)
• Secure and monitor GitLab in Azure GCC High, ensuring software development practices adhere to security policies and compliance requirements
• Integrate security into CI/CD pipelines and work closely with engineering teams to implement DevSecOps best practices for secure software development and deployment
• Serve as the primary security liaison between engineering teams, government program officials, and accrediting authorities, ensuring security compliance across all system lifecycles
• Support adherence to RMF compliance requirements, ensuring program security meets the highest regulatory standards
• Conduct security audits and assessments of program systems, identifying risks and ensuring continuous monitoring plans are executed effectively
• Support corporate IT initiatives by collaborating on enterprise security improvements while maintaining a program-focused approach
• Investigate security incidents, ensure compliance with reporting requirements (DCSA, PSO, SSO), and lead remediation efforts
• Other assigned duties as provided by DZYNE’s VP of Information Technology and Security

Required Qualifications:

• Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field. Additional related work experience will be considered in lieu of a degree
• 6 years of experience in ISSM or Information Security roles supporting classified programs
• Extensive hands-on experience obtaining and maintaining ATO approvals under RMF, DAAPM, and NISPOM (32 CFR)
• DoD 8570 IAM Level II and III certifications required, such as (ISC)² CISSP or ISACA CISM; hands-on GIAC certifications (e.g., GISP, GPEN, GWAPT, or GCIH) are a highly preferred
• Extensive knowledge of network and communication equipment, protocols, and troubleshooting tools
• Strong hands-on experience with Microsoft Azure GCC High and AWS GovCloud security implementations
• Experience with GitLab security in Azure GCC High, including repository security, access controls, and secure CI/CD pipeline integration
• Experience with DevSecOps principles, including automation, container security, and CI/CD security
• Proficiency with security tools such as eMASS, Nessus, Splunk, ACAS, SIEM solutions, and endpoint security tools
• Experience with RMF accreditation for SIPRNet, JWICS, and SAP-related systems
• COMSEC experience as a primary or alternate COMSEC custodian
• Experience in obtaining SIPRNet, JWICS, and SAP related system accreditations is a plus
• Strong experience with eMASS
• Must have the ability to work in a dynamic environment and effectively interact with program managers, technical staff, DOD military / civilian personnel, and industry partners
• Possess a high degree of professionalism and initiative requiring minimal supervision

Security Clearance Requirements:

• Top Secret with ability for SCI eligibility strongly preferred
• Eligibility for access to Special Access Programs

US Citizenship Required: This position will require a DoD security clearance that requires U.S. citizenship

Salary: $130,000 - $170,000 annually

Salary depends on relevant work experience, education, training, essential skills, and/or other factors such as specialized or high-demand professions. In addition to the annual salary, the position will be eligible for an annual bonus. The pay range for this job level is a general guideline only and not a guarantee of salary or annual bonus.

Our benefits are DZYNE’ed for your overall health and financial wellness. DZYNE provides comprehensive medical, dental, and vision plans, employee life and accidental death, and disability, with all premiums for our employees paid for by DZYNE Technologies. DZYNE provides paid time off and paid holidays. Additionally, DZYNE offers a 401K plan with an employer match.