Lead Cybersecurity Engineer Information Systems Security Manager (ISSM), TSSCI

Lead Cybersecurity Engineer / Information Systems Security Manager (ISSM)

Cybersecurity Ops Sr Principal

Job Description

Seeking a Lead Cybersecurity Ops Engr / Information Systems Security Manager (ISSM) to serve as a subject matter expert (SME) supporting the Department of the Air Force. You will work directly with government technical and industry stakeholders to shape cybersecurity strategy drive secure architecture ensure RMF/ATO compliance and manage cyber risk for mission-critical capabilities. You will play a crucial role in providing recommendations for resiliency and availability of DoW software systems pertaining to space best practices for securing supply chain and enabling effective processes and procedures to protect the nations space programs.

The ISSM shall assume primary responsibility for the execution of the Risk Management Framework (RMF) lifecycle. The program is currently integrating 4 prototypes into 2 major sub-systems (Orchestration and Execution) with an initial priority on accrediting the Execution subsystems development and operational environment. This role executes the day-to-day ISSM workloadincluding ATO package generation control selection and artifact managementas the Government Technical Advisor. The Government will continue to provide oversight and direction and approval authority as required by law.

Typical job responsibilities Include:

• Lead the design and implementation of cybersecurity controls across multi-domain systems.
• Serve as the program ISSM guiding systems through the RMF including Preparation Categorization Control Selection Implementation and Assessment.
• Manage all ATO activities using XACTA 360 including entering Control Correlation Identifiers (CCIs) and uploading evidence.
• Develop a security boundary integration strategy; analyze and document the security posture of component prototypes and develop an inheritance strategy to align with the program roadmap.
• Author and maintain all security documentation including the System Security Plan (SSP) Security Assessment Plan (SAP) Security Control Traceability Matrix (SCTM) and all supporting artifacts required for an Authority to Operate (ATO).
• Manage the Plan of Action and Milestones (POA&M) for the integrated system and develop a continuous monitoring strategy coordinating remediation efforts with government and development teams.
• Support secure architecture and integration for cloud-based development and operations environments.
• Lead and mentor other cybersecurity and ISSO personnel.
• Provide security engineering expertise in areas such as cryptography cross-domain solutions system integration and secure infrastructure.
• Advise program leadership on cybersecurity posture risks and system readiness through regular readiness briefings.

Qualifications

• 14 years of experience and a Bachelors degree in Computer Science Information Assurance Information Security System Engineering or a related discipline; or a Masters degree and 12 years of experience; or a PhD/JD and 9 years of experience.
• 6 years of Cybersecurity ISSM or ISSO experience in SAP/SCI or DoD environments.
• Experience with system security engineering vulnerability assessment and secure system development.
• DoD 8140 (722) Information Systems Security Manager Intermediate certification (e.g. CGRC/CAP CASP CCSP Cloud SSCP Security or GSEC).
• Experience in supporting and/or managing technical programs throughout the software engineering life cycle.
• Requires an active Top Secret clearance with the ability to obtain and maintain Sensitive Compartmented Information and Special Program access as well as a willingness to consent to a polygraph examination.

You will wow us even more if you have experience will the following:

• Advanced 8140 (722) certification (e.g. CISM CISSP CISSP-ISSMP GCIA GCIH GSLC GICSP).
• Experience scaling prototype capabilities into operational enterprise systems.
• Experience securing space mission systems cloud/DevSecOps environments or C2 systems.
• Knowledge of secure Software Development Lifecycle configuration/change management and enterprise cyber monitoring tools.
• Understanding of enterprise IT change and configuration management policies.
• Experience with design development documentation testing and debugging of application software using secure coding practices.

Blue Sky Innovators Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex race color religion national origin disability protected Veteran status age or any other characteristic protected by law. If you are a qualified job seeker with a disability or a disabled veteran you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability. To request an accommodation please email us at and provide your name and contact information. Please note: this is only for job seekers with disabilities requesting an accommodation.