Information Systems Security Manager (ISSM)
Full-time
Huntsville, AL
About Us
Trideum Corporation is a 100% employee-owned company committed to embracing the world's toughest challenges with a servant's heart. Through dedicated hard work and commitment, we provide distinctive quality and unparalleled customer service in all aspects of our business. We also know that our employees are the key to our success, and it is our mission to take care of them so they can take care of our customers and communities where we live, work, and play.
Position Summary
We are seeking an experienced, highly skilled, and operationally focused Information Systems Security Manager (ISSM) to join Trideum's dynamic IT team and lead our cybersecurity initiatives. This critical role involves not only defining our security strategy but also actively guiding the implementation of security controls and translating compliance requirements (like CMMC) into actionable, documented procedures for our technical teams. The ISSM ensures compliance with the Cybersecurity Maturity Model Certification (CMMC) program and manages Trideum's internal compliance framework, including oversight of risk assessments, incident response activities, and Security Operations Center (SOC) analysts. The successful candidate will ensure Trideum's systems and programs meet stringent information assurance requirements by leading compliance efforts, assessing and mitigating risks, driving practical security implementation, and fostering a culture of security awareness.
What You'll Do:
- Lead the organization's CMMC compliance program, ensuring alignment and adherence to DoD cybersecurity standards (NIST SP 800-171, etc.).
- Direct all information assurance activities to protect Trideum's systems, networks, and data.
- Develop, document, and guide the implementation of practical, actionable information security policies, procedures, and controls aligned with CMMC and NIST standards.
- Conduct regular risk assessments and security audits; develop and track mitigation strategies.
- Continuously assess, refine, and manage the implementation of security controls across the enterprise architecture, using security metrics to drive improvements.
- Provide clear technical guidance and mentorship to the ISSE, security analysts, and other IT staff on the implementation and operation of security measures.
- Mentor and develop cybersecurity personnel (ISSE, SOC analyst), fostering technical growth and a proactive security mindset within the team.
- Actively participate in defining configuration standards and security tool deployments, ensuring procedures are effective and efficient within our operational environment.
- Oversee SOC analysts and lead enterprise-wide incident response, including hands-on investigation support when needed, and implement effective corrective actions.
- Maintain comprehensive security documentation (SSP, POAM, etc.) and manage the documentation lifecycle.
- Establish and manage relationships with external security service providers and vendors.
- Integrate security measures throughout the system development lifecycle.
- Develop and execute comprehensive security awareness programs.
- Support RMF and ATO processes for direct programs as required.
- Evaluate and recommend emerging cybersecurity technologies and best practices relevant to our environment.
Travel: Minimal travel required to Trideum branch offices, customer sites, and cybersecurity conferences.
Requirements and Qualifications:
- Education:
  - Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field required.
  - Master's degree preferred.
  - Ongoing professional development in cybersecurity and information assurance.
- Experience:
  - Direct hands-on experience leading CMMC compliance efforts within the Defense Industrial Base (DIB) is mandatory; familiarity limited solely to RMF is insufficient for this role.
  - 5 years of progressive experience in information security.
  - 2 years in security management or leadership roles.
  - Proven ability to translate CMMC/NIST SP 800-171 requirements into documented, implementable procedures and system security plans (SSP).
  - Experience maturing a cybersecurity program, including developing processes and documentation.
  - Strong background in defense contracts and classified information handling procedures.
  - Proven track record of managing or overseeing SOC operations and leading incident response.
  - Expertise in risk management framework (RMF) and authority to operate (ATO) processes.
  - Experience working within a small-to-medium-sized business (SMB) environment.
- Certifications:
  - Certified Information Systems Security Professional (CISSP) highly preferred.
  - Additional certifications preferred, such as: Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or CMMC Registered Practitioner (RP).
- Skills:
  - Advanced knowledge of information security principles, best practices, and relevant NIST standards (SP 800-171, SP 800-53, etc.).
  - Ability to bridge the gap between high-level compliance frameworks (CMMC, NIST) and practical day-to-day security operations.
  - Demonstrable familiarity with comprehensive control frameworks such as the Secure Controls Framework (SCF).
  - Proficiency with security information and event management (SIEM) tools and security orchestration, automation, and response (SOAR) concepts.
  - Strong understanding of cloud security architecture (Azure GCC High preferred) and controls.
  - Experience with vulnerability assessment tools, methodologies, and remediation tracking.
  - Expertise in security assessment tools and compliance management platforms.
  - Strong mentoring and team leadership skills focused on technical development and collaboration.
  - Security program management skills with a strong focus on effective implementation and operational readiness.
  - Excellence in written and verbal communication, including documentation of policies and procedures.
  - Strong analytical and problem-solving abilities.
  - Demonstrated ability to communicate complex technical concepts effectively to both technical and non-technical stakeholders.
- Clearance: US citizenship with the ability to obtain and maintain a security clearance.
We Take Care of Our People
Whether you're looking to launch a new career or grow an existing one, Trideum is the type of company where you can balance great work with great life, because we believe that taking care of our people is the right thing to do. Trideum offers:
- Competitive pay based on the work you do here and not your previous salary.
- Traditional benefits such as medical, dental, vision, life, disability, and 401k matching.
- Paid leave and the ability to cash out leave.
- Free access to certified financial planners, wellness and support services, and discount programs.
- Education assistance and professional development opportunities.
- And much more
Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. People with disabilities who need a reasonable accommodation to apply or compete for employment with Trideum may request such accommodation(s) by contacting Human Resources at 256.704.6123 or .
Required Experience:
Manager