Information Systems Security Manager

Overview

Persistent Systems is a growing business that develops Mobile Ad hoc Networking (MANET) wireless radio systems for Government and commercial applications. The radios are typically worn on the person, mounted to manned vehicles, integrated into autonomous unmanned vehicles, or installed at fixed sites. The systems provide on-the-move data, voice, video, and situational awareness capability. Located in the heart of New York City, Persistent Systems is an exciting company that is passionate about delivering cutting edge products.

Responsibilities

Persistent Systems is seeking an Information Systems Security Manager (ISSM) to join our growing team. As an ISSM, you will be a member of the cybersecurity leadership team supporting a Department of Defense program of record. The position will be based in the Persistent Systems office in Fort Collins, Colorado. This ISSM will possess strong core competencies in Risk Management Framework (RMF), DoD security compliance, and Authorization to Operate (ATO) processes. Duties will include directing all aspects of system security authorization and maintaining continuous compliance with DoD cybersecurity standards. This individual will play a pivotal role in ensuring mission-critical systems maintain their security authorizations while supporting operational requirements.

Position Responsibilities

• Direct and manage all Authorization to Operate (ATO) and Risk Management Framework (RMF) compliance efforts for DoD systems
• Coordinate with and respond to the Authorizing Official (AO) office regarding ATO-specific items, timelines, and requirements
• Conduct comprehensive documentation audits and updates to ensure ATO/RMF compliance for regular authorization renewals
• Provide expert compliance and risk analysis inputs for proposed system changes, integrations, and technology insertions
• Compile comprehensive risk assessments and lead the submission of EMASS packages through authorization workflows
• Collaborate with cybersecurity engineers to ensure thorough, timely risk remediation
• Collaborate with network engineers, cybersecurity engineers, and Information Systems Security Officers (ISSOs) to ensure the currency and accuracy of system documentation
• Direct incident response exercises and vulnerability and compliance scanning activities at all levels of the system to reduce or eliminate active threats
• Maintain comprehensive understanding of system architecture, boundaries, and interconnections to support security assessment and authorization activities
• Ensure compliance with NIST 800-53 security controls, DoD cybersecurity policies, and applicable Security Technical Implementation Guides (STIGs)
• Lead continuous monitoring activities and manage Plan of Action and Milestones (POA&M) to maintain continuous authorization status
  
  

Qualifications

Minimum Qualifications

• Five years of professional experience in DoD cybersecurity and compliance, managing security authorizations, conducting risk assessments, and maintaining cybersecurity bodies of evidence
• Certification as required by DoD 8140 (formerly DoD 8570) for ISSM role (e.g. Security , CISSO, CCSP, CCISO, etc.)
• Demonstrated familiarity with NIST Risk Management Framework (RMF), NIST 800-53 security controls, DoD Instruction 8510.01, and EMASS processes
• Experience coordinating with Authorizing Officials, SCA/SCAR teams, program teams, engineers, and other stakeholders throughout the authorization process
• Familiarity with security and compliance scanning tools such as ACAS, Nessus, SCAP, etc.
• Proven ability to lead technical teams and manage complex compliance timelines
• Must be available to travel up to 40% of the time
• Currently hold or have the ability to obtain United States Secret security clearance
  
  

Preferred Qualifications

• Bachelor’s or higher degree in Cybersecurity, Information Assurance, or related technical field
• Additional advanced certifications such as CISM, CISSP, or GIAC GSLC
• Four or more years of experience as a lead ISSM, particularly in a prime contractor or program office role
• Deep knowledge of DoD cybersecurity policies including STIGs, SRGs, FIPS, Common Criteria, and NIAP validation standards
• Understanding of tactical network architectures, hardware security, and software supply chain security
• Experience with industry-standard project management, analytical, and documentation tools such as Microsoft Office/Project/Teams/Visio, Atlassian suite, and eMASS
• Experience with DevSecOps practices and security automation tools
  
  

Total compensation for this role can vary from $134,000 to $163,000 a year based on individual qualifications. Eligibility for yearly discretionary bonus. Persistent Systems, LLC offers a comprehensive benefits package including medical, dental, vision, life, and disability insurance; paid time off (sick time and vacation time); flexible spending accounts; 401(k) plan with company match; fitness membership reimbursement; tuition assistance; mental health benefits; and pet discounts.