Information System Security Manager

Job Title: Information System Security Manager (ISSM)

Location: Arlington, Virginia

Clearance Level: Top Secret Clearance (SCI Eligibility preferred)

Summary

SecuriGence delivers essential technology services supporting critical national security missions. We seek an Information System Security Manager (ISSM) to lead and strengthen our security posture. This role requires a unique blend of strategic vision, technical expertise, and operational leadership to ensure our sensitive systems and data governance, confidentiality, integrity, and availability.

You will collaborate closely with MNSS leadership, technology teams, and DARPA stakeholders to develop and implement comprehensive security strategies, vision, processes, and protocols. Your expertise will be instrumental in mitigating risks, responding to threats, and maintaining compliance with evolving cybersecurity standards.

Responsibilities

Strategic Leadership:

• Security Vision: Develop and evolve a comprehensive cybersecurity strategy that aligns with DARPA's mission, technological landscape, and evolving threat environment, utilizing your experience mapping critical information systems to business objectives and ensuring security through process resiliency.
• Risk Management: Lead the identification, assessment, and mitigation of cybersecurity risks, balancing operational needs with security requirements, drawing on your experience conducting site assessments, and developing logistical plans.
• Policy Development: Establish and maintain security policies, procedures, and standards that meet or exceed DoD and industry best practices, leveraging your expertise in developing and enforcing cybersecurity policies for performers and military organizations.
• Compliance: Ensure adherence to all relevant security regulations, including NIST RMF, DoD STIGs, and other applicable mandates, building on your experience leading successful CCRIs and achieving high compliance scores in cybersecurity inspections.
• Security Advocacy: Promote a strong security culture within SecuriGence and DARPA, fostering awareness and proactive engagement through training programs and knowledge sharing, similar to your experience implementing volunteer training programs.

Security Operations Management:

• Team Leadership: Lead and mentor a team of cybersecurity professionals, fostering a high-performing and collaborative environment, drawing on your extensive experience managing teams of contractors, civilians, and military personnel in various capacities.
• Incident Response: Develop and implement an effective incident response plan, ensuring swift detection, containment, and remediation of security incidents, utilizing your experience in resolving critical security incidents and minimizing operational disruptions.
• Vulnerability Management: Establish a robust vulnerability management program that exceeds the DOD mandate of regular scanning, assessing, and remedying vulnerabilities. Leverage your experience in managing cybersecurity vulnerabilities and implementing security controls.
• Security Monitoring: Oversee 24/7 security operations, including continuous monitoring of networks, systems, and data for anomalies and potential threats, building on your experience managing security operations centers and monitoring critical network infrastructure.
• Threat Intelligence: Stay abreast of emerging threats and vulnerabilities, adapt security strategies and controls as needed, and draw on your experience in cyberspace planning and conducting threat analysis.

Technical Expertise:

• Security Architecture: Design and implement secure architectures for systems, networks, and applications, incorporating defense-in-depth strategies, utilizing your experience in engineering and stabilizing enterprise systems through virtualization and tools convergence.
• Security Assessments: Conduct thorough security assessments and audits, identifying weaknesses and recommending corrective actions, leveraging your experience in conducting site assessments and evaluating technologies to support secure IT architectures.
• Security Tools: Evaluate, select, and implement security tools and technologies that enhance SecuriGence's security posture, drawing on your experience with a wide range of security tools and technologies (e.g., ACAS, AD, DNS, HBSS, ITSM, OCSP, OS Imaging, SCCM, SCOM, SIEM).
• Security Engineering: Collaborate with engineering teams to embed security into the development lifecycle of new products and services, utilizing your experience in implementing scrum methodologies to improve system reporting and vulnerability compliance.

Program Management:

• Management tasks performed under this contract and shall be the primary point-of-contact for security and contract issues.
• The ISSM shall be responsible for ensuring that practical and effective systems are developed to meet the security and contract requirements.
• The ISSM shall also be responsible for ensuring the quality and timeliness of the work performed resulting in process improvements that result in cost effectiveness and savings for the Government.
• The ISSM shall provide oversight for contractual, project management, technical and security actions on behalf of the Contractor.
• The Security group consisting of the Program Manager and Contractor designated personnel are ultimately responsible for all security, programmatic and operational requirements as identified within this PWS.

Qualifications:

• Education: Bachelor's degree in Cybersecurity, Computer Science, or related field. (Advanced degree preferred)
• Experience: 12 years of progressive experience in cybersecurity, with at least 5 years in a leadership or management role.
• Certifications: Must obtain or carry a Agilist certification and DoD 8140.01 IAM-III certification (CISM, CISSP, GSLC, CCISO).
• Clearance: Active Top Secret Clearance (SCI eligibility highly desired)
• Technical Skills: Demonstrated expertise in network security, vulnerability management, incident response, security architecture, and risk management.
• Leadership Skills: Proven ability to lead and inspire teams, communicate effectively with technical and non-technical stakeholders, and build strong relationships.
• Problem-Solving: Strong analytical and problem-solving skills, with the ability to think strategically and make sound decisions under pressure.
• Experience working with DARPA or other DoD agencies, including knowledge of their security requirements and technologies.
• Familiarity with agile development methodologies and SecDevOps practices.

About

SecuriGence LLC (SG) is an agile, HUBZone Certified Veteran-owned small business headquartered in the Washington, DC metropolitan region. Established in April 2010 we have been supporting the Department of Defense and other United States Civil agencies in Systems Engineering, Software Engineering, Software Development, Cyber Security, and Cloud/Virtualization Management.

SecuriGence provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.