Information System Security Manager (ISSM)

DecisionPoint seeks a Senior Information System Security Manager (ISSM) to oversee cybersecurity governance, RMF lifecycle execution, audit readiness, and continuous monitoring for enterprise systems supporting a federal and DoD-aligned mission environment. This senior leadership position is responsible for defining and maintaining the cybersecurity posture of complex cloud-hosted and enterprise applications. 

The ISSM provides strategic oversight for all cybersecurity documentation, compliance artifacts, assessments, authorizations, and system security engineering activities. The role ensures that systems remain compliant, secure, and audit-ready throughout operational performance while guiding cybersecurity engineers and analysts across the security engineering team. 

This position is fully remote. 

Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid. 

The Information System Security Manager (ISSM) will: 

• Oversee the full RMF lifecycle including categorization, control selection, implementation, assessment, authorization, and continuous monitoring. 

• Serve as the senior authority for cybersecurity compliance, assessments, reporting, and audit readiness. 

• Manage the development, update, and review of cybersecurity documentation including SSPs, POA&Ms, SARs, RARs, and security artifacts. 

• Lead the security engineering team in implementing controls, remediating vulnerabilities, and managing cyber risk. 

• Coordinate with system owners, developers, cloud engineers, and PMO staff to ensure system changes comply with RMF and cybersecurity policy. 

• Maintain continuous monitoring programs including logging, alerting, vulnerability scanning, and configuration oversight. 

• Support cybersecurity incident response actions and provide leadership during triage, containment, root cause analysis, and corrective actions. 

• Ensure systems meet DoD and federal cybersecurity requirements including STIG compliance, patching cycles, and secure configuration baselines. 

• Oversee internal and external assessments, penetration test tracking, and ATO sustainment activities. 

• Provide cybersecurity guidance during architecture design, modernization efforts, or new capability implementations. 

• Develop cybersecurity metrics, dashboards, and executive reporting for senior government stakeholders. 

• Train, mentor, and supervise cybersecurity staff, ensuring high-quality performance and professional growth. 

• Drive continuous improvement in cyber processes, automation, documentation, and governance practices. 

Clearance Requirement 

Must hold an active Top Secret clearance, supported by a Tier 5 background investigation. 

Education (Required) 

Bachelor’s degree in Cybersecurity, Information Assurance, Information Technology, or a related field. 

Experience (Required) 

• Minimum 10 years of experience in cybersecurity, information assurance, or security engineering. 

• Demonstrated experience overseeing RMF documentation, ATO processes, and cybersecurity compliance for large federal or DoD systems. 

• Experience managing SSPs, POA&Ms, assessment findings, and continuous monitoring activities. 

• Experience supervising cybersecurity staff or leading security engineering teams. 

• Experience coordinating with technical teams, cloud environments, and system owners on secure implementations. 

Technical Knowledge (Required) 

• Deep understanding of NIST SP 800-53, RMF, DoD cybersecurity directives, and ATO processes. 

• Knowledge of STIGs, vulnerability management, secure configuration baselines, and patching requirements. 

• Proficiency in managing security documentation, controls, assessments, and compliance artifacts. 

• Familiarity with SIEM, logging tools, scanning tools, and continuous monitoring platforms. 

• Understanding of cloud security controls, secure architectures, and authorization requirements. 

Technical Knowledge (Preferred) 

• Experience supporting modernization activities, cloud migrations, or container-based environments. 

• Knowledge of Zero Trust principles and cloud-native security practices. 

• Experience with automated compliance or security orchestration tools. 

Certifications 

Required: 

• CISSP 

Preferred: 

• CISM 

• Security+ 

• Other advanced cybersecurity or leadership certifications (e.g., CISSP-ISSMP, GSLC) 

Skills 

• Strong leadership and communication skills for guiding cybersecurity teams and briefing senior stakeholders. 

• Excellent analytical and problem-solving abilities for complex cybersecurity issues. 

• Strong attention to detail and commitment to accuracy in compliance documentation. 

• Ability to manage multiple cybersecurity initiatives simultaneously under mission-driven deadlines. 

• Ability to translate cybersecurity requirements into actionable engineering and operational tasks. 

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.