Information Systems Security Manager (ISSM) I
Company: GD Information Technology
Location: Colorado Springs
Posted on: April 1, 2026
Job Description:
Type of Requisition: Regular
Clearance Level Must Currently Possess: Top Secret
Clearance Level Must Be Able to Obtain: Top Secret SCI Polygraph
Public Trust/Other Required: None
Job Family: Cyber and IT Risk Management

Job Qualifications:
Skills: Cybersecurity, Information Security, Information System Security, Security Evaluations
Certifications: None
Experience: 5 years of related experience
US Citizenship Required: Yes

Job Description:
RQ172755 Information Systems Security Manager (ISSM) I

The ISSM’s primary function is to serve as a principal advisor on all matters,
technical and otherwise, involving the security of information
systems under their purview. Primary support will be working within
Special Access Programs (SAPs) supporting Department of Defense
(DoD) agencies, such as HQ Air Force, Office of the Secretary of
Defense, and Military Compartment efforts. The position will
provide “day-to-day” support for Collateral, Sensitive
Compartmented Information (SCI) and Special Access Program (SAP)
activities.

Performance shall include:
- Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integration of existing SAP network infrastructures.
- Develop and oversee operational information systems security implementation policy and guidelines of network security, based upon the Risk Management Framework (RMF) with emphasis on Joint.
- Advise customer on Risk Management Framework (RMF) assessment and authorization issues.
- Perform risk assessments and make recommendations to DoD agency customers.
- Advise government program managers on security testing methodologies and processes.
- Evaluate authorization documentation and provide written recommendations for authorization to government PMs.
- Develop and maintain a formal Information Systems Security Program.
- Ensure that all IAOs, network administrators, and other cyber security personnel receive the necessary technical and security training to carry out their duties.
- Develop, review, endorse, and recommend action by the AO or DAO of system assessment documentation.
- Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media.
- Develop and execute security assessment plans that include verification that the features and assurances required for each protection level are functioning.
- Maintain and/or applicable repository for all system authorization documentation and modifications.
- Institute and implement a Configuration Control Board (CCB) charter.
- Develop policies and procedures for responding to security incidents, to include investigating and reporting security violations and incidents.
- Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system.
- Ensure that data ownership and responsibilities are established for each authorization boundary, to include accountability, access rights, and special handling requirements.
- Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting local cyber security training.
- Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed.
- Assess changes in the system, its environment, and operational needs that could affect the authorization.
- Ensure that authorization is accomplished and a valid Authorization determination has been given for all authorization boundaries under your purview.
- Review AIS assessment plans.
- Coordinate with PSO or cognizant security official on approval of external information systems (e.g., guest systems, interconnected system with another organization).
- Conduct periodic assessments of the security posture of the authorization boundaries.
- Ensure configuration management (CM) for security-relevant changes to software, hardware, and firmware and that they are properly documented.
- Ensure periodic testing is conducted to evaluate the security posture of IS by employing various intrusion/attack detection and monitoring tools (shared responsibility with ISSOs).
- Ensure that system recovery and reconstitution processes are developed and monitored to ensure that the authorization boundary can be recovered based on its availability level determination.
- Ensure all authorization documentation is current and accessible to properly authorized individuals.
- Ensure that system security requirements are addressed during all phases of the system life cycle.
- Develop Assured File Transfers (AFT) in accordance with the JSIG.
- Participate in self-inspections.
- Conduct the duties of the Information System Security Officer (ISSO) if one is not present and/or available.

Experience: 5 years related experience. Prior
performance in roles such as ISSO or ISSM. SAP experience desired.

Education: Bachelor’s degree in related discipline OR Associate’s degree in a related area 2 years’ experience OR equivalent experience (4 years)

Certifications: IAT Level II (Security+ CE, CCNA Security, etc.) or IAM Level II - within 6 months of hire

Security Clearance: TS with ability to obtain TS/SCI prior to start, and willingness to submit to a CI polygraph.

Other Requirements:
- Must have working knowledge of DoD, National and applicable service and agency security policy, manuals and standards
- Must be able to regularly lift up to 50lbs.

The likely salary range for this position is $99,705 - $134,895. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours: 40
Travel Required: None
Telecommuting Options: Onsite
Work Location: USA CO Colorado Springs
Additional Work Locations:

Total Rewards at GDIT: Our benefits package for all US-based employees
includes a variety of medical plan options, some with Health
Savings Accounts, dental plan options, a vision plan, and a 401(k)
plan offering the ability to contribute both pre and post-tax
dollars up to the IRS annual limits and receive a company match. To
encourage work/life balance, GDIT offers employees full flex work
weeks where possible and a variety of paid time off plans,
including vacation, sick and personal time, holidays, paid
parental, military, bereavement and jury duty leave. To ensure our
employees are able to protect their income, other offerings such as
short and long-term disability benefits, life, accidental death and
dismemberment, personal accident, critical illness and business
travel and accident insurance are provided or available. We
regularly review our Total Rewards package to ensure our offerings
are competitive and reflect what our employees have told us they
value most.

We are GDIT. A global technology and professional
services company that delivers consulting, technology and mission
services to every major agency across the U.S. government, defense
and intelligence community. Our 30,000 experts extract the power of
technology to create immediate value and deliver solutions at the
edge of innovation. We operate across 50 countries worldwide,
offering leading capabilities in digital modernization, AI/ML,
Cloud, Cyber and application development. Together with our
clients, we strive to create a safer, smarter world by harnessing
the power of deep expertise and advanced technology. Join our
Talent Community to stay up to date on our career opportunities and
events at gdit.com/tc.

Equal Opportunity Employer / Individuals
with Disabilities / Protected Veterans