Information Systems Security Manager

JOB DUTIES AND RESPONSIBILITIES

• Develop and enforce information security policies, procedures, and guidelines to comply with industry standards and regulations.
• Monitor, assess, and address security threats, vulnerabilities, and risks; recommend and implement appropriate measures.
• Conduct regular security assessments, audits, and penetration tests to identify and address potential weaknesses.
• Lead the incident response process, including investigation, mitigation, and reporting of security breaches and incidents.
• Collaborate with IT teams to integrate security controls into the organization’s infrastructure, applications, and operations.
• Develop and maintain System Security Plans (SSP) and Plans of Action and Milestones (POAM).
• Stay updated on emerging security trends, technologies, and best practices; adapt strategies to counter new threats.
• Provide training and awareness programs to promote a culture of security and ensure adherence to policies.
• Oversee and manage CMMC version 2 Level 2 compliance efforts, leveraging your experience to guide our initiatives.
• Apply NIST standards and frameworks to our security practices and policies.
• Monitor the network for compliance, manage remediation efforts, and ensure adherence to security protocols.
• Handle incident response reporting and triage to ensure prompt resolution of security incidents.
• Use security assessment and hardening tools to evaluate and enhance system security.
• Manage multiple tasks efficiently with minimal supervision in a dynamic environment.

JOB REQUIREMENTS AND MINIMUM QUALIFICATIONS

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field from an accredited college or university.
• Minimum of 8 years of experience in information security, including at least 2 years in a managerial or leadership role.
• Proven experience with CMMC version 2 Level 2 compliance.
• Relevant certifications such as CISSP, CISM, CISA, or equivalent are strongly preferred.
• In-depth knowledge of information security principles, risk management, and regulatory requirements (e.g., CMMC, FedRAMP).
• Experience with security technologies such as firewalls, intrusion detection systems, encryption, and vulnerability management tools.
• Strong analytical and problem-solving skills with the ability to communicate complex security concepts to non-technical stakeholders.
• Demonstrated ability to lead and manage cross-functional teams and projects.
• Proficiency in monitoring networks for compliance and handling incident response.
• Familiarity with various security assessment and hardening tools.
• Self-starter with excellent multitasking and time management skills.
• Ability to work independently and adapt to a dynamic work environment.
• Must be a U.S. Citizen as a security clearance is required to perform this role.   As such, candidates with an active U.S. Security Clearance are preferred.