Information Systems Security Manager - Columbia Falls or Huntsville

This position requires that you must be a US Citizen for consideration and meet all Federal Contractor employee requirements. Nomad GCS does not support the H1B Visa for this position.

Position: Information Systems Security Manager – Columbia Falls or Huntsville
Division: Technology
Department: Systems Administration
Status: Full-Time

Overview: Nomad Global Communications Solutions is a leading provider of communication and response products serving a wide variety of customers. Our purpose is to be the solution when every minute matters. We seek a skilled Information Systems Security Manager to join our dynamic IT Team!

The Information Systems Security Manager will be responsible for developing and deploying information security strategies for enterprise systems, ensuring alignment with organizational requirements, policies, standards, and procedures. This role involves close collaboration with IT teams to identify vulnerabilities, conduct security control assessments, perform risk analyses, and implement mitigation strategies. The successful candidate will have experience interpreting and applying requirements from government contracts and will contribute to identifying root causes of security issues, prioritizing threats, and recommending corrective actions. They will also stay informed about the evolving cyber threat landscape and current best practices in cybersecurity. In addition, the role includes supporting the creation of enterprise-wide security policies and procedures, conducting vulnerability testing and security assessments, and strengthening the organization’s cyber defense posture through gap analysis and validated prevention, detection, and response measures.

ESSENTIAL FUNCTIONS / RESPONSIBILITY:

• Develop and deploy program information security for enterprise systems in alignment with organizational requirements, policies, standards, guidelines, and procedures.
• Collaborate with IT teams to:
  • Identify system vulnerabilities.
  • Conduct security control assessments.
  • Perform risk analyses and assessments.
  • Develop mitigation strategies for identified security issues.
• Review and disseminate requirements derived from government contracts.
• Investigate root causes of security issues and prioritize threats.
• Recommend and implement corrective actions.
• Stay current with evolving cyber threats and industry best practices.
• Support the creation and maintenance of enterprise-wide information security policies, standards, guidelines, and procedures across multiple stakeholder organizations.
• Conduct vulnerability testing, risk analyses, and security assessments.
• Enhance organizational cyber defense resilience by identifying gaps and validating prevention, detection, and response strategies.
• Maintain accurate records of IT-related activities, inventory, and documentation.
• Stay up-to-date on the latest technologies and security threats.
• May be involved in planning and implementing new IT projects.
• Perform other duties as assigned.

BASIC KNOWLEDGE DESIRED:

• Demonstrate understanding and application of Nomad Core Values.
• Experience implementing NIST 800-171 to meet CMMC standards
• Understanding of contractual cyber requirements both FAR and DFARs
• Knowledge of DFARs 252.204-7012, 7021, and other CMMC related DFARs
• Experience developing RMF documentation in achieving an Authority to Operate (ATO)
• Thorough knowledge of: NIST 800 series special publications, FIPS, and other significant federal regulations

PHYSICAL DEMANDS:

• Regular use of hands and arms to manipulate, handle, feel, reach, or operate objects, tools, or controls. Ability to stand and sit for extended periods as required by task assignment.
• Frequent standing, walking, and sitting throughout the day. Occasionally required to climb, balance, stoop, kneel, crouch, or crawl.
• Ability to lift and/or move up to 25 pounds frequently and up to 50 pounds occasionally. Assistance required for anything heavier than 50 pounds.
• Specific vision abilities include close vision, distance vision, peripheral vision, depth perception, and the ability to adjust focus and distinguish colors, necessary for both office tasks and production work.
• Must have the physical stamina to adapt to varying workload demands and stand or sit for prolonged periods depending on the specific tasks of the day.

WORKING ENVIRONMENT:

• Work is split between a partially environmentally controlled indoor manufacturing area and a professional office setting. Temperatures in the manufacturing area can fluctuate between 60°F and 100°F, typically maintained around 70°F in the office.
• Exposure to varying noise levels from moderate in the office to loud on the production floor; safety hearing devices provided as needed.
• Possible exposure to household and commercial chemicals with adherence to safety protocols outlined in Safety Data Sheets (SDS) required. Safety glasses and closed-toed shoes are mandatory when on the production floor.
• Regular interaction with team members, guests, and clients in a professional setting. Everyday workwear must be business casual/smart casual and appropriate for the office environment.
• Use of additional personal protective equipment (PPE) such as respirators or protective coveralls may be necessary for specific tasks on the production floor.

QUALIFICATIONS & EXPERIENCE:

• Bachelor's degree or better from an accredited university in the field of Cybersecurity, Computer Science, Information Technology, or a related field. Alternatively, substantial experience in this field may also be considered.
• 3 years of cybersecurity experience within a manufacturing or engineering environment.
• Key industry certification in Cybersecurity, such as CISSP, CISM, GIAC, CRISC, and CISA.
• Strong proficiency in understanding and implementing NIST standards for CMMC and RMF.
• IAT Level II certification, required.
• Knowledge of DevSecOps principles, best practices, and working with software developers, preferred.
• Experience using software scanning tools like Fortify or Checkmarx during the SDLC and providing guidance to mitigate identified concerns, preferred.
• Ability to understand not only emerging industry trends as far as cyber security is concerned but also the landscape of emerging threats, making appropriate adjustments within the cybersecurity program.
• Experience in cybersecurity best practices and risk management.
• Proficient with MS Office Suite including Excel, Word, and Outlook.
• Must be able to obtain Secret Clearance, if needed.

Nomad GCS is an equal opportunity employer, (EOE,) and voluntarily follows affirmative action guidelines. As an equal opportunity employer, Nomad GCS does not discriminate in its employment decisions on the basis of race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable state and local laws.