Senior Information Systems Security Manager

The Swift Group i s seeking an experienced Information System Security Manager (ISSM) to join our team. This candidate will be responsible for evaluating the security posture of our systems and infrastructure, ensuring compliance with relevant frameworks and standards, and identifying vulnerabilities to mitigate potential risks effectively.

The ideal candidate will have a strong background in cybersecurity, extensive experience with compliance and vulnerability scanning tools, and a deep understanding of assessment and authorization processes.

This position is located in Tysons, VA.

Key Responsibilities :

• Manage a team of Analysts engaged in ensuring the safety of information systems assets and protection against intentional or inadvertent access or destruction.
• Support programs, organizations, systems, or enclaves by proposing, coordinating, implementing, and enforcing information system security policies, instructions, standards, and methodologies aligned with agency guidelines.
• Coordinate with the Data Custodian, Project Owner, and ISSM to identify information types, assign appropriate security categorizations to information systems, assess information security and privacy impacts, and manage associated risks.
• Document controls in information security and privacy plans to ensure compliance with minimal controls defined by CISO guidance.
• Maintain current system information in XACTA, including points of contact and artifacts, to meet organizational requirements and support processes like communication, contingency planning, and training.
• Evaluate the impact of network and system changes using RMF processes.
• Address and remediate anomalies identified during Information Security Continuous Monitoring activities according to associated risks.
• Submit system configuration deviation recommendations to stakeholders based on the required baseline.
• Develop and maintain System Security Plans (SSPs) and conduct periodic reviews to ensure compliance.
• Maintain and document configuration management for security-relevant IS software, hardware, and firmware.
• Monitor system recovery processes to ensure proper restoration of security features and procedures.
• Ensure all IS security-related documentation is current and accessible to authorized personnel.
• Formally notify relevant individuals of changes that may impact system authorization.
• Participate in governance and project reviews as identified by the client.
• Demonstrate strong documentation skills and proficiency with XACTA 360, Continuum, and other SCAP compliant tools.
• Utilize experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53 / 53A, and STIGs to support information security processes.
• Collaborate with IT and OT teams to integrate security best practices into OT operations.
• Ensure compliance with industry standards and regulations such as NIST SP 800-82.
• Establish assumptions, constraints, risk tolerances, and risk management strategies to facilitate consistent risk management decisions for OT system security and safety.

Required Qualifications :

• 5+ years of relevant experience
• Experience working with RMF, ICD 503, CNSSI 1253, NIST SP 800-53 / 53A, and STIGs
• Proficient in establishing required assumptions, constraints, risk tolerances, and risk management strategies to ensure organizations make consistent risk management decisions for the security and safety of OT systems
• Desired Certifications : Certified Ethical Hacker 10 (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), NIST Cybersecurity Framework (NCSF), AWS Solutions Architect Associate or Professional
• Bachelor's Degree in an IT-related field
• US citizenship and an active TS / SCI with Polygraph security clearance required

The Swift Groups is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.