USAFA Information System Security Manager

SiloSmashers, Inc. is a strategy, technology, and management consulting firm, founded in 1992, and located in Reston, Virginia. SiloSmashers delivers superior services and solutions to the public sector in the areas of project/program management, performance management, and IT security. The company provides innovative, collaborative business approaches, and proven methodologies that enable customers to break down organizational silos and optimize operational efficiency to achieve peak performance and mission success. Come join our team!

BACKGROUND

SiloSmashers is seeking an experienced ISSM to join its growing contract supporting a federal government agency.

The candidate shall be skilled and capable of performing the role of ISSM for the USAFA. The ISSM shall be responsible for ensuring the appropriate operational security posture is maintained for USAFA IT systems. This includes, but not limited to, responsibilities established in DoDI 8500.01, AFI 17-101 and the activities related to maintaining situational awareness and initiating actions to improve or restore cybersecurity posture. The candidate will be responsible for multiple systems and drive all aspects to attain a new Authority to Operate (ATO) designation or maintain current ATO designation. The candidate will possess detailed knowledge and expertise to manage security aspects of information systems, including physical security, personnel security, incident handling, and security awareness and training.

• Implement and enforce all DoD IS and PIT system cybersecurity policies and procedures, as defined by cybersecurity-related documentation.
• Ensure that all users have the requisite security clearances and access authorization, and are aware of their cybersecurity responsibilities for DoD IS and PIT systems under their purview before being granted access to those systems.

Initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure that a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSO.

• Ensure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals.

The ISSM role supports multiple projects, and the successful candidate is expected to be highly organized, have the wherewithal to prioritize, over-communicate, plan and tightly coordinate with a variety of stakeholders, while driving day-to-day work to completion.

The ideal candidate will be self-driven, possess the inherent interest to continue learning new technologies to solve problems and have a collaborative and continual improvement mindset in all facets of the role.

QUALIFICATIONS:

• Experience developing and managing cybersecurity programs aligned with NIST RMF and supporting ATO lifecycle activities.
• Ability to identify information owners and stewards to enforce access controls and handling requirements for DoD information systems.
• Proven track record appointing and overseeing ISSOs and ensuring compliance with cybersecurity policies and procedures.
• Skilled in coordinating cybersecurity compliance activities, including inspections, tests, and reviews with internal and external stakeholders.
• Expertise in incident response and data spill handling for classified and CUI data, including communication with Authorizing Officials (AOs).
• Proficient in secure configuration and approval of IT components prior to integration with DoD IS and PIT systems.

SOFT SKILLS:

• Analytical & Solutions-Oriented: Strong critical thinking and problem-solving skills with a data-driven, goal-focused approach to aligning solutions with mission outcomes.
• Collaborative Communicator: Excellent ability to engage cross-functional teams and stakeholders, clearly conveying technical concepts to non-technical audiences.
• Professional & Diplomatic: Skilled at facilitating complex discussions with discretion, tact, and professionalism across all organizational levels.
• Adaptable & Mission-Focused: Quick to integrate into dynamic environments while maintaining a strong commitment to team success and continuous improvement.
• Ethical & Security-Conscious: Upholds sound business ethics with a firm commitment to protecting sensitive and proprietary information.

POSITION REQUIREMENTS

• Must be a U.S. Citizen
• IT Tier 3 security background investigation/clearance to match the designation of the system assigned.
• At least 5 years' experience in field
• ONE of the following three certifications:
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Officer (CISSO)
  • Federal IT Security Professional -Manager – NG (FITSP-M)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Cloud Security Automation (GCSA)
  • GIAC Certified Incident Handler (CGIH)
  • GIAC Security Leadership Certification (GSLC)
  • Global Industrial Cyber Security Professional (GICSP)
  • Certified Information Security Professional – Information Systems Security Management Professional (CISSP-ISSMP)
  • Certified Information Security Professional (CISSP)

Pluses:

• Currently supporting a DoD System
• Previous experience supporting a DoD System
• Possesses an active IT Tier 3 security background investigation/clearance