
Information System Security Manager

Soliel LLC

Posted today
Secret
Senior Level Career (10+ yrs experience)
$120,000 - $140,000
IT - Security

JOB TITLE: Information System Security Manager (ISSM)
LOCATION: Ft. Eustis and Hybrid (Must be willing to go onsite 2-3 days per week)
CLEARANCE: Secret or TS

ABOUT US:
Soliel is an innovative, premium engineering company specializing in providing Enterprise Architecture, Network Design, Engineering, and Operations Support, Software Design and Development, Data Center Design, Deployment and Migration, and Systems Engineering services for both public and private sectors.

Our Federal systems integration team manages the complexity inherent in technology change, from requirements planning to architecture, testing to deployment, and beyond. We also offer a complete range of industry-leading services, including architecture, systems development, information assurance, solution and platform integration, program management, and functional and testing services.

Over the years, Soliel's team of technical experts has consistently delivered outstanding innovative solutions and services that meet or exceed customer expectations and satisfaction.

JOB DESCRIPTION:
The Information System Security Manager (ISSM) is responsible for leading and managing cybersecurity operations for enterprise and cloud-based information systems operating across classified and unclassified environments. The ISSM oversees the implementation and maintenance of the Risk Management Framework (RMF), ensuring systems meet Department of Defense (DoD) cybersecurity requirements and comply with federal regulations such as NIST 800-53 and FISMA. This role provides strategic oversight for security assessments, vulnerability management, continuous monitoring, and policy enforcement to protect organizational information assets and maintain system authorization.

KEY RESPONSIBILITIES:
• Lead the implementation and sustainment of the DoD Risk Management Framework (RMF) for assigned information systems, ensuring compliance with DoD cybersecurity policies and system authorization requirements.
• Manage system authorization activities including development and maintenance of RMF documentation (e.g., SSPs, SARs, POA&Ms) and coordination with Authorizing Officials and Security Control Assessors.
• Oversee security assessments, audits, and continuous monitoring programs to maintain compliance with NIST SP 800-53, FISMA, and DoD cybersecurity standards.
• Direct vulnerability management activities, including ACAS scanning, remediation tracking, and reporting through AESS and DISA’s Cybersecurity Management Reporting System (CMRS).
• Develop, implement, and maintain enterprise information security policies, procedures, and security controls to ensure protection of organizational systems and data.
• Coordinate with system owners, administrators, and engineering teams to identify security risks, implement mitigation strategies, and maintain the cybersecurity posture of cloud and on-premises systems.

REQUIRED SKILLS:
• Demonstrated experience implementing and managing DoD Risk Management Framework (RMF) processes.
• Strong knowledge of DoD cybersecurity policies, including DoD 8510.01 RMF guidance and NIST SP 800-53 security controls.
• Experience managing system authorization activities (ATO, IATO, ATT) within eMASS or similar RMF tools.
• Experience overseeing vulnerability management programs, including ACAS scanning and remediation processes.
• Experience conducting security assessments, compliance reviews, and continuous monitoring activities.
• Strong understanding of cybersecurity risk management, security architecture, and system security engineering principles.
• Ability to work collaboratively with program leadership, system owners, engineers, and security teams.
• Meets DoD 8570/8140 Information Assurance Workforce requirements for an ISSM position, with current certification such as CISSP, CISA, CASP+, or equivalent.

PREFERRED SKILLS:
• Experience supporting DoD cloud environments and cloud security frameworks (e.g., FedRAMP, DoD Cloud Computing SRG).
• Familiarity with DISA cybersecurity tools and reporting platforms, including AESS and CMRS.
• Experience supporting cybersecurity for classified and unclassified networks.
• Experience developing enterprise cybersecurity policies and governance frameworks.
• Prior experience supporting DoD programs or federal cybersecurity compliance initiatives.

COMPENSATION:
• Excellent compensation commensurate with experience in related field(s) and performance
• Major medical, dental, and vision
• Paid holidays
• Paid Time Off (PTO)