Information Systems Security Manager

STR is seeking an Information Systems Security Manager (ISSM) with active Top Secret clearance to support the cybersecurity posture of our classified programs. In this role, you will play a vital part in protecting critical national security technologies while collaborating with government partners, engineers, and cybersecurity professionals across the organization.

This position is ideal for someone who enjoys blending technical cybersecurity expertise with program leadership, and who thrives in a collaborative, innovative, and mission-driven environment.

As an ISSM at STR, you will work directly with the government cognizant security agency (CSA) and internal technical teams to ensure our classified systems meet the highest standards of cybersecurity compliance and operational security. You will guide programs through the Risk Management Framework (RMF) lifecycle and help shape the design, maintenance, and monitoring of secure systems.

Please note…this is not a remote role and requires you to be onsite.

What You’ll Do

Lead cybersecurity compliance for classified programs

• Manage the cybersecurity posture of classified information systems in accordance with U.S. Government requirements including the Joint Special Access Implementation Guide (JSIG), Intelligence Community Directive (ICD) 503, and DCSA Assessment and Authorization Guide (DAAG)
• Serve as the primary cybersecurity point of contact for assigned program networks, collaborating with government customers and internal teams

Support RMF and Assessment & Authorization activities

• Lead Assessment & Authorization (A&A) efforts including certification testing of security controls
• Develop and maintain security documentation such as System Security Plans (SSPs), Risk Assessment Reports (RARs), Standard Operating Procedures (SOPs), and Security Controls Traceability Matrix (SCTM)
• Manage Continuous Monitoring (ConMon) activities and Plan of Action and Milestone (POA&M) tracking

Maintain and strengthen security posture

• Conduct periodic system inspections and audits to verify compliance with approved security configurations
• Apply deep knowledge of NIST 800-53 controls to ensure accredited networks remain compliant
• Support hardware/software change management, account management, media protection, and data transfers within accredited environments

Collaborate across security and engineering teams

• Work closely with Information System Security Officers (ISSOs), Information System Security Engineers (ISSEs), System Administrators, Facility Security Officer (FSO), and Contractor Special Security Officer (CSSO) to implement and maintain information systems security posture
• Partner with Program Managers and Engineers to define and implement network requirements for new programs
• Assist the FSO, CPSO, and incident response teams on security events and data spill response

Drive continuous improvement

• Contribute to improving cybersecurity processes and security practices across programs
• Demonstrate a can-do attitude and provide innovative, compliant solutions through creative analysis

What You Bring

Security Clearance

• Active Top Secret security clearance with the ability to obtain SAP and SCI access (U.S. citizenship required)

Certification

• DoD 8140/8570 IAM Level III certification (CISM, CISSP, etc.)

 

Experience

• 2-4 years as an ISSM implementing JSIG, DAAG, and/or ICD 503 IS requirements.
• Previous security experience in a SAP/SCI environment
• Experience with configuration, certification, and auditing/analysis of Windows/Linux operating systems in Peer-to-Peer, LAN, and WAN network environments

Skills and Knowledge

• Familiarity with vulnerability, compliance, and audit tools