Information Systems Security Manager (ISSM)

Modern Technology Solutions
Beavercreek, Ohio
Full-time

Own Your Future.

Modern Technology Solutions, Inc. (MTSI) is seeking an Information System Security Manager (ISSM) with a Top Secret Clearance in Dayton, Ohio.

Why is MTSI known as a Great Place to Work?

  • Interesting Work : Our co-workers support some of the most important and critical programs to our national defense and security.
  • Values : Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry.
  • 100% Employee Ownership : we have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company;

we have company wide town-hall meetings three times a year.

  • Great Benefits - Most Full-Time Staff Are Eligible for :
  • Starting PTO accrual of 20 days PTO / year + 10 holidays / year
  • Flexible schedules
  • 6% 401k match with immediate vesting
  • Semi-annual bonus eligibility (July and December)
  • Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account
  • Up to $10,000 in annual tuition reimbursement
  • Other company funded benefits, like life and disability insurance
  • Optional zero deductible Blue Cross / Blue Shield health insurance plan
  • Track Record of Success : We have grown every year since our founding in 1993

Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance.

MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide.

For more information about MTSI, please visit .

Responsibilities :

  • Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
  • Generate and maintain required Information System (IS) security documentation including Systems Security Plans (SSP), Information Assurance Standard Operating Procedures (IA SOP), Continuous Monitoring Plans, Security Control Traceability Matrices (SCTM), Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices and procedures
  • Assume Information System Security Officer (ISSO) responsibilities in their absence
  • Maintain customer-required Information Assurance (IA) certifications
  • Maintain day-to-day security posture and continuous monitoring of classified Information Systems
  • Coordinate with customers on approval of external information systems / guest systems
  • Schedule, perform and maintain records of required IS auditing, patching, maintenance, software / hardware changes, and scanning based on evolving threat / vulnerabilities and customer compliance requirements
  • Develop and conduct test procedures for verification of Authorization and Accreditation (A&A) and / or Risk Management Framework (RMF) safeguards to meet customer requirements based upon JSIG, ICD 705, NIST 800-53, NIST 800-53a, NIST 800-171 & CNSSI 1253
  • Evaluate threats and vulnerabilities to determine the need for supplementary safeguards (, firewall, data flow, network access, etc.)
  • Employ customer-approved procedures for sanitizing and releasing system components and media
  • Ensure all IS security-related documentation is current and accessible to properly authorized individuals
  • Conduct periodic reviews to ensure compliance with SSP
  • Be knowledgeable of and comprehend customer Security Classification Guides (SCG) to determine classified system requirements
  • Enforce Configuration Management (CM) policies and procedures for authorizing the use of hardware / software on an IS
  • Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented
  • Assess proposed changes to customer information systems, their environment of operation, and mission needs that could affect system authorization.
  • Maintain a working knowledge of IS functions, security policies, technical security safeguards, and operational security measures
  • Coordinate with Program Security Officer (PSO), Contractor Program Security Officer (CPSO) and / or Government SAP Security Officer (GSSO) to define, implement and maintain information security policies, strategies, and procedures Implement policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents
  • Formally notify the appropriate individuals when changes occur that might affect accreditation
  • Ensure the development, documentation, and presentation of classified IS security education, awareness, and training activities
  • Provide mentoring and leadership to supporting ISSOs
  • Familiarity with enterprise-level networks and Information Systems
  • Knowledge of DevSecOps policies and procedures including Continuous Integration / Continuous Development (CI / CD) pipelines

Qualifications :

  • Bachelor’s degree in Computer Science, Information Assurance, Information Security or related field. Desired Master's degree in Computer Science, IT Management, Cybersecurity or Information Assurance
  • Six (6) years of experience working in an IA-related field
  • Four (4) years of additional experience may be substituted for a bachelor’s degree
  • CompTIA Security+ Certification
  • ISC)2 CAP - Certified Authorization Professional Certification
  • Desired : (ISC)2 CISSP - Certified Information Systems Security Professional Certification
  • Experience with A&A documentation and system authorization artifacts for Special Access Program (SAP) and Secure Compartmentalized Information (SCI) systems
  • Knowledge of federal security requirements and mandates (, RMF, Federal Information Processing Standards (FIPS), National Standards of Information Technology (NIST))
  • Experience with security architectures, firewalls and network access
  • Experience with risk managed downloads / Assured File Transfers (AFTs), IS sanitization and destruction, PEDs, contaminations, incident response, virus scanning, privileged user access, and hardware / software configuration management
  • Excellent oral and written communication skills
  • Strong customer service skills; being able to work with personnel across multiple disciplines of the organization
  • Strong organizational skills and ability to manage multiple tasks concurrently
  • Excellent time management, scheduling, and organizational skills
  • Ability to work well independently as well as follow detailed instructions for completing tasks
  • Working knowledge of development tools such as GitLab, Artifactory, JIRA & Sonarqube
  • Must possess an active Top Secret security clearance. Duties will require unescorted entry and work within classified SAP and SCI facilities.

100% onsite in the customer’s facilities

Desired to have 12 months or more of experience in a SAP environment within the last 5 years

Please Note : , due to contract requirements.

ADDITIONAL NOTES

  • Travel : Position requires up to 10% travel to CONUS areas.
  • 30+ days ago
Related jobs
Promoted
gTANGIBLE Corporation
Dayton, Ohio

Information Systems Security Manager (ISSM) II. The Air Force (AF) Special Access Program (SAP) Security Support Services (SSS) assists the AF cognizant security authority in oversight of enhanced National Security Objectives supporting AF SAP interests through active and integrated security operati...

Promoted
Logistics Management Institute
Dayton, Ohio

LMI is seeking a Senior Cybersecurity Information Systems Security Manager (ISSM) with a minimum of a SECRET clearance to provide cybersecurity Risk Management Framework (RMF) Authority to Operate (ATO) support for a DoD client. DOD Cyber Workforce (DCWF) 8140 (722) Intermediate Information Systems ...

Promoted
Leidos Holding
Fairborn, Ohio

The Information System Security Manger (ISSM) is the primary Information Assurance (IA) decision maker and responsible for the management and technical administration of the Information System (IS) in accordance with internal and external security requirements. Working with the Facility Security Off...

Promoted
Booz Allen Hamilton
Dayton, Ohio

Information Systems Security Officer. This is your opportunity to take an active role in information security while growing your skills in cloud technology, cybersecurity and risk management, AI and ML, data science and management, and virtualization. In all of this "cyber noise", how can ...

Promoted
Leidos Holding
Dayton, Ohio

The successful candidate will serve as an IT Systems Security Engineer for HPC engineering and operations, and will liaison with senior government personnel supporting critical national DoD HPC systems. Uses encryption technology, penetration and vulnerability analysis of various security technologi...

Promoted
Leidos Inc
Beavercreek, Ohio

As part of the Leidos Beavercreek Security Team you will collaborate with Information System Security Manager (ISSM) and System Owners to help ensure IT systems remain compliant to government regulations, frameworks, and standards pertaining to SP NIST 800-53A. The ISSO will assist the ISSM in the d...

Modern Technology Solutions
Beavercreek, Ohio

MTSI) is seeking an experienced Information Systems Security Officer (ISSO) who will be responsible for maintaining compliance with applicable security regulations, leading the Information Assurance program for various classified information systems, and performing site-level Information Technology ...

GDIT
Dayton, Ohio

The ISSO is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an inform...

SPA
Dayton, Ohio

Minimum of 3 years of classified information systems experience working with an Information System Security Manager (ISSM) to develop and implement DoD security controls on DoD ACAT I, ACAT II, or other ACAT programs. DoD 8570 Information Assurance Management Level I and GIAC Security Leadership Cer...

Modern Technology Solutions
Beavercreek, Ohio

Develop, implement, and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and Information System lifecycle. Conduct information system security engineering activities, confirm that information security requirements ...