Information Systems Security Manager (ISSM), SME PR - 1294

PE Systems, Inc. has a great opportunity for an Information Systems Security Manager (ISSM), SME supporting Nuclear Command, Control, and Communications (NC3) Program at Hanscom AFB, MA. The ideal candidate will perform work that applies a broad theoretical and practical knowledge of engineering to the planning, design, and implementation of secure and resilient communications and information systems.

PE Systems, Inc. genuinely cares about their employees. We bring together the best people and the best careers.  Our family of talented and focused professionals enjoy PE Systems’ generous PTO and Holidays, great benefits and great pay. 

Voted Best Places to Work in Dayton since 2022!

• Ensure the confidentiality, integrity, and availability of DoD systems, networks, and data by developing, implementing, and maintaining comprehensive cybersecurity programs in accordance with DoD and Air Force policies.
• Serve as the advanced-level Information Systems Security Manager (ISSM), responsible for maintaining the overall cybersecurity posture and implementing RMF as defined in DoD 8510.01.
• Manage Assessment & Authorization (A&A) efforts, ensuring the quality, completeness, and compliance of all RMF-related activities, artifacts, and documentation.
• Develop and execute Continuous Monitoring (ConMon) plans to provide ongoing awareness of system vulnerabilities and risks, supporting risk-based decision-making.
• Maintain, track, and report system A&A status, issues, and progress per DoD component guidance, including FISMA compliance and Plan of Action & Milestones (PoA&M) management.
• Analyze proposed changes such as CRs, PRs, and DRs to assess security impacts; document findings and update RMF artifacts accordingly.
• Participate in Change Control Boards (CCBs), working groups, and coordination meetings to ensure cybersecurity requirements remain integrated with technical baselines and system designs.
• Conduct and support system-level security testing and evaluation activities, including reviewing test plans/results and observing testing for compliance with cybersecurity controls.
• Perform formal risk assessments and develop documentation such as letters of assurance, security impact assessments, and risk acceptance or deviation letters.
• Provide subject matter expertise and cybersecurity guidance to Program Managers, System Engineers, and other stakeholders throughout the system life cycle.
• Support and coordinate Trusted Systems & Networks (TSN) and Supply Chain Risk Management (SCRM) evaluations of hardware, software, and program information.
• Ensure appointment and oversight of ISSMs and ISOs; validate their compliance with cybersecurity policies, accountability roles, and system handling requirements.
• Maintain a centralized repository of all cybersecurity-related documentation, including RMF artifacts, policy documents, and system security plans.
• Ensure all security incidents, data spills, or unauthorized disclosures are reported and handled according to DoD Manual 5200.01 (Volumes 3 & 4), and appropriate response actions are coordinated.
• Manage secure configuration of IT products/services at or below system level and ensure compliance before integration into DoD systems or networks.
• Maintain system portfolio data within ITIPS and other tracking systems to support statutory compliance with FISMA, Clinger-Cohen Act, and other governance frameworks.
• Author, review, and maintain RMF documentation such as System Security Plans, Program Protection Plans (PPPs), OPSEC Plans, and Security Risk Analyses.
• Prepare and submit monthly RMF package status reports, highlighting authorization progress, PoA&M items, artifact delivery, compliance metrics, and key schedule milestones.
• Support external assessments, penetration tests, and cybersecurity evaluations conducted by agencies such as NSA, DISA, AFAA, and other designated organizations.
• Ensure ISSM personnel meet advanced-level qualifications per DoD Cyber Workforce Framework (DoDI 8140 series), including role-based requirements for ISSM (722) and Vulnerability Analyst (541).
  
  

Qualifications

Education/Certifications/Experience/Skills:

• MA Degree and at least 20 years of experience in the related field, 12 of which must be with the DoD.
• OR, BA Degree and at least 25 years of experience related to the position requirements, 15 of which must be with the DoD.
• OR, 30 years of directly related experience, 20 of which must be with the DoD.
• Must possess and maintain a government security clearance at the TS/SCI Level.
• Must be proficient in the use of Microsoft Office Applications and other standard applications.
  
  

PE Systems, Inc. is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for Employment without regard to race/ethnicity, color, religion, sex, nation origin, ancestry, age, sexual orientation, gender identity, genetic information, marital status and disability (including physical or mental disability as well as pregnancy) veteran status or any other status protected by the Federal, State or local law.

#cj