Posted today
Public Trust
Unspecified
Unspecified
IT - Security
Beavercreek Township, OH (On-Site/Office)
ARS is seeking a skilled ISSM to assist in the development and security hardening of a DevSecOps cloud environment to align with DoD RMF (NIST SP 800-53 r5) and CMMC 2.0 (NIST SP 800-171) security requirements.
Why Work with us?
Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support.Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.
The Information System Security Manager (ISSM) will lead the cybersecurity governance and compliance efforts for a DoD DevSecOps environment operating on an Azure-based cloud backbone. This role is responsible for overseeing the full lifecycle of Assessment and Authorization (A&A) activities, maintaining continuous Authority to Operate (ATO) compliance, and ensuring the accuracy, completeness, and integrity of all security artifacts within eMASS. The ISSM will develop, implement, and enforce cybersecurity policies, monitor control inheritance and system boundary changes, conduct risk assessments, and guide the engineering team in aligning system configurations with RMF controls, Zero Trust principles, and DoD Cloud SRG requirements. The successful candidate will provide strategic security leadership while ensuring that all technical decisions adhere to federal, DoD, and organizational security mandates.
In addition to technical oversight, the ISSM will serve as the primary liaison to government stakeholders, authorizing officials, mission partners, auditors, and cross-functional engineering teams. This role requires exceptional communication, documentation, and soft skills to translate complex security requirements into actionable guidance, manage expectations, and foster productive relationships across diverse technical and non-technical audiences. The ISSM will facilitate security briefings, coordinate remediation activities, lead collaboration with development and operations teams, and promote a strong security culture throughout the organization. The ideal candidate is a proactive, detail-oriented leader who brings both deep cybersecurity expertise and the interpersonal skills necessary to influence, educate, and drive secure outcomes in a dynamic DevSecOps environment.
Responsibilities include:
Qualifications/ Technical Experience Requirements:
All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.
Why Work with us?
Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support.Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.
The Information System Security Manager (ISSM) will lead the cybersecurity governance and compliance efforts for a DoD DevSecOps environment operating on an Azure-based cloud backbone. This role is responsible for overseeing the full lifecycle of Assessment and Authorization (A&A) activities, maintaining continuous Authority to Operate (ATO) compliance, and ensuring the accuracy, completeness, and integrity of all security artifacts within eMASS. The ISSM will develop, implement, and enforce cybersecurity policies, monitor control inheritance and system boundary changes, conduct risk assessments, and guide the engineering team in aligning system configurations with RMF controls, Zero Trust principles, and DoD Cloud SRG requirements. The successful candidate will provide strategic security leadership while ensuring that all technical decisions adhere to federal, DoD, and organizational security mandates.
In addition to technical oversight, the ISSM will serve as the primary liaison to government stakeholders, authorizing officials, mission partners, auditors, and cross-functional engineering teams. This role requires exceptional communication, documentation, and soft skills to translate complex security requirements into actionable guidance, manage expectations, and foster productive relationships across diverse technical and non-technical audiences. The ISSM will facilitate security briefings, coordinate remediation activities, lead collaboration with development and operations teams, and promote a strong security culture throughout the organization. The ideal candidate is a proactive, detail-oriented leader who brings both deep cybersecurity expertise and the interpersonal skills necessary to influence, educate, and drive secure outcomes in a dynamic DevSecOps environment.
Responsibilities include:
- Develop and implement information security policies and procedures
- Conduct risk assessments and vulnerability testing
- Monitor and respond to security incidents and threats
- Ensure compliance with industry standards and regulations
- Manage security audits and assessments
- Develop and deliver security awareness training to employees
- Stay up-to-date with the latest security trends and technologies.
- Maintain working relationships with the ISO, AO, SCA, and other IS ISSMs
- Other Duties as Assigned
Qualifications/ Technical Experience Requirements:
- Must be a US citizen
- Bachelor’s degree in cybersecurity, computer science, engineering, or related field (or equivalent experience).
- 5+ years of cybersecurity engineering experience, preferably supporting DoD, federal, or regulated environments.
- Hands-on experience with Azure security tools, including Microsoft Defender suite, Sentinel, Purview, and Azure Policy.
- Strong knowledge of DevSecOps practices, CI/CD pipelines, and integrating security automation into development workflows.
- Deep understanding of DoD RMF, NIST SP 800-53 Rev. 5 controls, and security assessment/evidence requirements.
- Experience implementing CMMC 2.0 or NIST SP 800-171 controls, including documentation, continuous monitoring, and audit readiness.
- Proficiency in vulnerability management tools, remediation processes, and risk-based prioritization.
- Familiarity with threat intelligence platforms, adversary TTP analysis, and building threat-informed security detections.
All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.
group id: 10518843
