Information System Security Manager (ISSM)

Hexagon US Federal


Job Location:

Huntsville, AL - USA

Monthly Salary: Not Disclosed
Posted on: 30+ days ago
Vacancies: 1 Vacancy

Job Summary

Company Overview
Hexagon US Federal is a proxy-governed subsidiary of Hexagon AB providing an ever-expanding portfolio of Hexagon Technologies to U.S. Federal Government organizations, including defense and intelligence agencies, to meet a variety of mission requirements. With our unique capabilities and experience, we transform state-of-the-art commercial technology into mission-specific solutions for our customers, partnering with them to solve their most challenging problems.
Quick Hits
Employees: 200
Operating Locations: Chantilly, VA (HQ); Huntsville, AL; Lanham, MD; and other client sites across the US

We are seeking an Information System Security Manager (ISSM) in Huntsville, AL.
A Day in the Life of an Information System Security Manager:
As an Information System Security Manager at Hexagon US Federal, you will be expected to provide strategic cybersecurity leadership, leading and prioritizing staff and driving enterprise RMF execution and ATO sustainment across DoD environments.

Responsibilities

  • Serve as the principal cybersecurity advisor to senior leadership, translating technical risk into mission and operational impact to support informed risk decisions.
  • Direct cybersecurity resource planning, backlog prioritization, and workforce alignment to ensure coverage for execution, continuous monitoring, and high-risk remediation.
  • Establish and oversee enterprise cybersecurity compliance while delegating execution to the ISSO and engineering staff while managing competing operational priorities.
  • Own the cybersecurity governance framework, approving policies, standards, and system boundary definitions aligned to DoD 8500-series and NIST SP 800-53 Rev. 5.
  • Provide strategic security architecture guidance to engineering and DevSecOps teams while enabling the team to focus on highest-risk activities.
  • Lead cybersecurity readiness for SCAs and A&A events, directing artifact preparation, managing team tasking, and representing the program during AO and assessor engagements.
  • Establish weekly prioritization cadence and backlog management to balance daily incident response with RMF sustainment activities.
  • Provide technical oversight and quality review of RMF artifacts, eMASS packages, and POA&M remediation plans.
  • Track and report enterprise cybersecurity KPIs, including POA&M aging, vulnerability trends, and ATO sustainment health.

This job is for you if you:

  • Thrive in leading cybersecurity operations and compliance for mission-critical, high-availability environments supporting DoD or public-safety missions.
  • Possess deep working knowledge of the Risk Management Framework (RMF) and DoD cybersecurity policy (NIST SP 800-53, CNSSI 1253, DoDI 8510.01) with the ability to translate requirements into executable team priorities.
  • Are an effective communicator who can bridge senior technical staff, program leadership, and government stakeholders while clearly articulating risk and operational impact.
  • Demonstrate sound judgment, disciplined decision-making, and the ability to balance competing priorities in a dynamic threat and compliance landscape.
  • Excel at establishing operating cadence and driving accountability without excessive hands-on intervention.
  • Can operate effectively in fast-paced agile environments by prioritizing high-risk work and maintaining steady progress toward ATO sustainment and continuous monitoring objectives.

What we are expecting from you (i.e. the qualifications you must have):

  • Bachelor's degree in cybersecurity, information assurance, computer science, or a related field with 8-10 years of experience in cybersecurity, information system security, or a related technical field.
  • Security certification is required; advanced certifications such as CISSP, CASP, or CISM are preferred.
  • Minimum 3-5 years of technical leadership experience.
  • Demonstrated experience working within the Risk Management Framework (RMF) including control implementation oversight assessment readiness authorization support and continuous monitoring.
  • Hands-on familiarity with core cybersecurity toolsets, including eMASS, STIGs/STIG Viewer, ACAS (Nessus/Tenable), and vulnerability scanning/assessment tools.
  • Experience leading or supporting NIST SP 800-53 Rev 5 control implementation and tailoring activities to align with system requirements preferred.
  • Strong understanding of the Authorization to Operate (ATO) process, including the development and maintenance of Plan of Action and Milestones (POA&Ms) and other required RMF artifacts.
  • Familiarity with FedRAMP controls and cloud security frameworks (AWS, Azure, or hybrid cloud environments) is a plus.
  • Demonstrated ability to lead and prioritize cyber team activities in fast-paced operational environments.

Required Level of Security Clearance

  • NONE
  • Must be a US Citizen and have the ability to obtain and maintain favorable adjudication for a Tier-1 or a National Agency Check Investigation (NACI)

Physical and Mental Demands

  • The physical and mental demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.
  • Ability to remain in a stationary position and operate a computer for extended periods.
  • Occasional ability to move or transport items up to 25 pounds.
  • Communicate effectively in English (verbal, written) and possess visual and auditory acuity for tasks and safety.
  • Manage multiple tasks, prioritize, and maintain focus in dynamic environments.
  • Demonstrate strong problem-solving, critical thinking, and analytical skills.
  • Maintain consistent attendance, punctuality, and high professional standards.

Work Environment:

  • Work is performed primarily in a professional office and/or remote home office environment, subject to typical conditions.
What we will provide in return:
- Competitive health care plans with savings accounts
- Dental and vision plans
- 401k with 100% company match up to 6% with immediate vesting on company match
- Life and disability insurance
- Learning Management System with robust offerings
- Tuition Reimbursement Program
- Flexible working arrangements where possible
- 13 paid holidays per year
- Veterans focused Employee Resources Group with regular educational sessions and communications
- Leadership Development Program with multiple learning options
Hexagon US Federal is an Equal Employment Opportunity Employer. We comply with all applicable federal anti-discrimination laws and provide reasonable accommodations for qualified individuals with disabilities and disabled veterans in its job application procedures. If you have any difficulty using our online system and need an accommodation due to a disability, you may use the following email address [email protected] and/or phone number to contact us about your interest in employment with Hexagon US Federal.

All qualified applicants will receive consideration for employment without regard to protected veteran status, disability status, or any other protected class covered by federal, state, or local law. Hexagon US Federal participates in E-Verify.

At Hexagon US Federal, we prioritize a secure and thorough hiring process. Be aware that we will never extend an employment offer without a careful review and interview process, and all official communications from our representatives will come from a verified Hexagon US Federal email address, never requesting upfront fees or sensitive information.

Required Experience:

Manager


About Company


World class technology and professional services for C5ISR, installation security, GIS, and cyber security.
