Information System Security Manager (ISSM)

Pay Rate:

The annual base salary range for this position $115,000-$135,000. Please note that the salary information is a general guideline only. At Sawdey Solution Services, we recognize that attracting the best talent is key to our strategy and success as a company. We will consider several factors when extending an offer to an applicant. These factors include (but are not limited to) the position, associated responsibilities, work experience, education, related training, and related skills.

Position Location:

Remote, USA

Telework/Work-from-Home Authorized:

Yes

About the Role:

This position falls under the umbrella of Sawdey's Managed Services Division (MSD). Sawdey MSD is a full-service Managed Service Provider (MSP)/Managed Security Service Provider (MSSP) providing IT and/or cybersecurity services to a variety of different clients (defense/government contractors, municipalities, non-profits, commercial organizations, etc.).

The Information Security Manager will plan, design, implement, and maintain client cybersecurity programs that meet all requirements of the CIA triad: Confidentiality, Integrity, and Availability. This position requires someone who works with minimal supervision. It is essential for this team member to deliver outstanding client service, expert problem solving, communicate effectively, and contribute positively to the Team.

Additional responsibilities include, but are not limited to:

• Support MSD work/contracts inclusive of risk analysis, project management, strategic planning, incident response, asset management, and overall client management.
• Lead and guide clients in developing and maintaining a comprehensive cybersecurity strategy aligned with regulatory standards (e.g., CMMC, NIST 800-171, ISO 270001, etc.).
• Create, establish, and maintain extensive information security standards, policies, and procedures.
• Support all aspects of Sawdey clients' CMMC efforts to include providing CMMC advisory services and ongoing cybersecurity programmatic maintenance activities.
• Generate daily, weekly, and monthly compliance reports and review such reports for anomalies or issues. ?
• Develop implementation plans that meet project goals and security requirements.
• Serve on Sawdey MSD clients' Change Approval Boards and Risk Management Boards.
• Conduct thorough risk assessments to identify and remediate vulnerabilities, threats, and potential impacts on client operations.
• Review security logs to identify risks, security threats, and configuration errors.
• Lead clients' security and compliance-related inquiries (e.g., insurance/cybersecurity questionnaires, risk assessments, incident response, CMMC assessments, etc.).
• Lead client's Incident Response (IR) activities and provide ongoing IR training.
• Leverage Artificial Intelligence (AI) to streamline processes and produce better outcomes for clients.
• Serve as respective clients' main or secondary POC and lead teams to complete project tasks as efficiently, securely, and timely, as possible.
• Translate cybersecurity jargon into non-technical language to assist executive teams in understanding risks and requirements associated with their cybersecurity.
• May assist in hiring, onboarding, and training new IT resources in support of Sawdey MSD.
• Work across departments/clients providing IT expertise for defining project requirements, proposals, cybersecurity program documentation, licensing support, etc.
• Stay current on new industry specific technologies as it relates to the position.
• Communicate and collaborate with clients and colleagues in a professional, respectful, and timely manner.
• Meet with current or prospective clients to assist in evaluating potential project work and/or ongoing support services.
• Continually evaluate and recommend changes for improvement for client systems.
• Provide project status updates and/or overall client status updates to MSD Leadership.
• May prepare both internal and client briefs.
• Understand and adhere to Cybersecurity Maturity Model Certification (CMMC) requirements and policies.
• May serve as a mentor to fellow Sawdey MSD team members.
• Participate in an on-call rotation.
• Perform other duties, as assigned.

Experience Requirements:

• Five (5) + years of IT-related experience.

• Must have experience and a good understanding of cybersecurity frameworks and regulations, including, but not limited to National Institute of Standards and Technology (NIST) Special Publications (SP), International Organization for Standardization (ISO), and Health Insurance Portability and Accountability Act of 1996 (HIPAA).

• Must have experience working with at least some of the following:

• Microsoft 365
• Azure IaaS, PaaS, SaaS Services
• Microsoft Defender
• Windows Server
• VMWare
• Duo
• CrowdStrike
• Veeam
• Vulnerability Scanning and Management
• Configuration Management and Maintenance
• IT and Compliance Documentation
• Client, Project, and Ticket Management

Education Requirements:

• Bachelor's degree in an IT-related field preferred, but not required.

Certificate, License, and Registration Requirements:

• One or more of the following certifications are desired, but not required:
  • CMMC Certified Professional (CCP)
  • Certified Information Systems Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • Microsoft Certified: Cybersecurity Architect Expert
  • Microsoft 365 Certified: Enterprise Administrator Expert
  • Microsoft Certified: Azure Administrator
  • CompTIA Security+
• If the candidate doesn't have the CCP certification. The individual will be required to attend CCP training in the first 3 months and pass the CCP exam within the first 6 months of employment.

Other Required Skills & Abilities:

• Must be able to effectively communicate with customer and fulfill all duties and responsibilities as listed in the contract.
• Must be proficient in Microsoft Office suite including, but not limited to: Word, PowerPoint, Excel, and Outlook.
• Must be able to communicate and collaborate with corporate employees, clients, and colleagues in a professional, respectful, and timely manner.
• Must have daily and accurate time entry accounting for all service and non-service tasks.
• Must be able to articulate technical information to non-technical people.
• Must be self-motivated and self-directed with the ability to work with minimal direction and oversite.
• Must be able to pay very close attention to detail.
• Must be able to participate in an on-call rotation.
• Must be able to use personal smartphone device on an as-needed basis to perform job-related tasks such as supporting an on-call rotation, accessing Microsoft Teams and Outlook, and enabling/signing into multi-factor authentication (MFA) applications.
  • Please Note: Incoming and Outgoing calls are made via an assigned extension in Microsoft Teams desktop. There is no requirement to use a personal smartphone device to support phone calls.

Security Clearance Requirements:

Background Check

US Citizenship Requirements:

To comply with CMMC requirements, as well as U.S. Government contracts, U.S. citizenship is required.
About the Organization Sawdey Solution Services, an ISO 9001 certified and CMMI-SVC v2 Level 3 appraised corporation, has built a nationwide and global footprint as a leading government contracting organization. Specializing in cybersecurity, systems engineering, and operational support, Sawdey invites you to be a part of a team that's at the forefront of securing our nation. Operating successfully since 2001, we are a Woman Owned/Service-Disabled Veteran Owned Business. We provide our clients with premier professional services and technology solutions in an employee-centric environment. We are extremely proud of the culture we have created.

Why Choose Us?

• Mission-Critical Work: We play a vital role in ensuring the security of our nation's digital infrastructure.



• Professional Growth: Embrace the opportunity to take on diverse and dynamic roles that challenge and inspire you.



• Collaborative Culture: You are joining a unified team where your unique contributions are valued and celebrated.

Who We're Looking For:

• Hardworking Individuals: If you're someone who takes initiative, loves a challenge, and is committed to excellence, you'll feel right at home here.



• Talented Professionals: Whether you're an expert in your field or a rising star, we recognize your potential and support your effort toward success.



• Diverse Perspectives: Our strength lies in our diversity. We believe that a diverse team fosters creativity, innovation, and achievement.

EOE Statement We are a Disabled-Veterans-41 CFR 60 1.4, Equal Opportunity Employer. Devoted to creating a diverse and friendly workplace, we do not discriminate against any employee or applicant because of race, age, sex, color, physical or mental disability, religion, sexual orientation, gender identity, marital status, national origin, or veteran status. Our goals and beliefs are that diverse backgrounds and experiences empower and enable us to offer our customers an unmatched level of service. People of color, women, LGBTQIA+, veterans, and persons with disabilities are encouraged to apply!
This position is currently accepting applications.