What are the responsibilities and job description for the Senior Information Systems Security Manager (ISSM) position at Umbra?
Description
Umbra builds next-generation space systems that observe the Earth in unprecedented fidelity.
Our mission: Deliver global omniscience.
To stay ahead of climate change, geopolitical risk, and other major crises and issues, we need a global understanding of what is changing, where, and how fast. Umbra provides easy access to the highest quality commercial satellite data available, which is an indispensable tool for the growing number of organizations monitoring the Earth. We empower our customers to create solutions that inform, inspire, and address our planet's most pressing needs. We’re helping to create a brand-new industry that has never meaningfully existed before.
The Senior Information Systems Security Manager (ISSM) will be instrumental in safeguarding Umbra's information systems and ensuring adherence to federal regulations and standards. We are seeking someone with a robust background in information systems security frameworks, risk assessments, and security incident response. As we elevate our technology and data initiatives, you will spearhead efforts to develop, implement, and oversee the security of our systems and data. If you are a cybersecurity expert, skilled in navigating intricate regulatory landscapes, and driven by a passion for innovation, we invite you to be a part of this transformative journey!
This is an in-person position in our Arlington, VA office. Hybrid work arrangements may also be considered.
What You'll Do
You'll take the lead in driving our Governance, Risk, and Compliance (GRC) initiatives across corporate, space, and classified computing environments. Your mission will be to establish and uphold a robust GRC framework that aligns with our business goals. You will collaborate seamlessly across various teams, ranging from technical (Product & Engineering) to corporate operations (Legal, Finance, HR, Industrial), to ensure Umbra is strategically prepared to meet all its GRC requirements.
Key Responsibilities
- Develop, implement, and manage the overall information security program, aligning with industry standards and government regulations (CMMC/DFAR, RMF, etc.).
- Lead risk assessments and vulnerability assessments to identify, evaluate, and prioritize risks associated with information systems.
- Establish security policies and procedures, ensuring compliance across all levels of the organization.
- Collaborate with IT and development teams to integrate security measures into the system development lifecycle (SDLC).
- Conduct regular training for staff on information security best practices and policies.
- Serve as the primary point of contact for all audits related to information systems security, ensuring corrective actions are implemented in a timely manner.
- Oversee the management of information security tools and technologies, ensuring they are effective and up to date.
- Maintain and report on relevant metrics and trends associated with information systems security.
- Manage the identity, group permission, and access control mechanisms for personnel accessing sensitive information, ensuring compliance with US government requirements.
- Lead and support continuous improvement initiatives for security measures across the organization.
- Travel may be required, approximately 10%.
- Other professional duties as assigned.
Required Qualifications
- 10 years of experience in information systems security or a related field, with a strong emphasis on risk management and compliance.
- 5 years of experience in spearheading efforts to develop, implement, and oversee the security of systems and data.
- Thorough knowledge of security frameworks such as NIST SP 800-53/800-171, RMF, CMMC and relevant federal regulations.
- Experience managing security programs for federal contractors or in closely regulated industries.
- Strong analytical and problem-solving skills, with the ability to manage complex security challenges.
- Expertise in incident response planning and execution, as well as security monitoring tools and techniques.
- Demonstrated ability to communicate security concepts effectively to technical and non-technical audiences.
- TS/SCI security clearance, or the ability to obtain one.
- Proven project management skills, with a track record of delivering security initiatives on time and within budget.
- Strong understanding of security concepts such as identity and access management (IAM), data protection, and network security best practices.
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related discipline.
- Certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
- Experience in an aerospace or defense environment, with familiarity concerning the unique security needs of these sectors.
- Demonstrated experience working with government clients and understanding their specific security requirements and challenges.
Benefits
- Flexible Time Off, Sick, Family & Medical Leave
- Medical, Dental, Vision, Life, LTD, STD (employer funded)
- Vol Life, Critical Illness, Accidental, Hospital Indemnity, Pet Insurance (employee funded)
- 401k with 3% non-elective company contribution
- Stock Options
- Free parking in the office building, or transit is reimbursed
- Free lunch daily in office
Employment Eligibility Verification
In compliance with federal laws, all hired persons will be required to verify their identity and eligibility to work in the United States by completing the required Employment Eligibility Verification Form (I-9 Form) upon hire.
ITAR/EAR Requirements
This position may include access to technology and/or data that is subject to U.S. export controls pursuant to ITAR and EAR. To comply with federal export controls, all persons hired must be a U.S. citizen, U.S. national, U.S. lawful permanent resident, refugee or asylee as defined by 8 U.S.C. § 1324b(a)(3), or must otherwise be eligible to obtain the required authorizations from the U.S. Department of State and/or U.S. Department of Commerce as applicable.
This job posting may cover multiple career levels. To ensure greater transparency, we provide base salary ranges for all roles, regardless of location. Our standard pay ranges are based on the role’s function and level, benchmarked against similar growth-stage companies. Compensation may vary based on geographical location, as certain regions may have different cost-of-living factors. The final offer will also be influenced by the candidate's skills, responsibilities, and relevant experience.
Compensation Range
The Compensation Range for this role is $150,000 - $190,000.
Salary: $150,000 - $190,000