Information Systems Security Manager (ISSM)
il y a 1 jour
Barcelona
ppFoxtrot Division is positioned at the forefront of cyber systems engineering, driven by a mission to create secure systems that empower our clients to excel in their endeavors. At the heart of our success are our people—our dedicated engineers and team members—whose expertise, creativity, and passion are the bedrock of our success. We understand that our strength lies in the collective spirit and the unique talents of our team, which is why we deeply value and invest in their growth and well-being. Our mission is rooted in transcending the ordinary, a force that unites us and propels us forward. We are not content with business as usual; we are the rockstars of our industry, challenging the status quo, and setting the pace for innovation and excellence. Our DNA-thinking deeply, speaking boldly, leading by example, and striving to be great—defines us and our approach to everything we do. At Foxtrot Division, we are committed to leading the way, ensuring that our products, services, and team members are aligned with our core purpose. Through this alignment, we aim to leave a lasting, positive impact on the world, driving us further and faster towards our vision of excellence, with our people leading the charge. /p pThe Information Systems Security Manager (ISSM) serves as the senior cybersecurity leader responsible for overseeing and maintaining the security, compliance, and risk management of enterprise information systems. This role leads cybersecurity strategy, Risk Management Framework (RMF) activities, continuous monitoring, vulnerability management, and authorization efforts while ensuring compliance with federal and DoD cybersecurity requirements. The ISSM works closely with executive leadership, system owners, and security teams to protect organizational assets, manage cybersecurity risks, and maintain secure, authorized operations across the enterprise. /p h3Key Responsibilities /h3 ul liServe as the senior cybersecurity authority and subject matter expert (SME) responsible for the organization's Information Assurance (IA) and Cybersecurity Program. /li liLead the planning, implementation, governance, and continuous improvement of cybersecurity policies, standards, procedures, and best practices across the enterprise. /li liDirect and oversee Risk Management Framework (RMF) activities throughout the system lifecycle, ensuring systems achieve and maintain Authority to Operate (ATO), Interim Authority to Operate (IATO), or Authorization to Connect (ATC) status. /li liProvide strategic leadership for cybersecurity risk management, continuous monitoring, compliance, and security modernization initiatives. /li liReview, approve, and maintain cybersecurity authorization artifacts, including System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POAMs), Security Control Traceability Matrices (SCTMs), and contingency planning documentation. /li liServe as the primary liaison between Authorizing Officials (AOs), Information System Owners (ISOs), Information System Security Officers (ISSOs), system administrators, executive leadership, and external cybersecurity stakeholders. /li liLead enterprise vulnerability management, remediation efforts, and security assessment activities to identify, prioritize, and mitigate cybersecurity risks. /li liOversee continuous monitoring programs, security control effectiveness assessments, penetration testing reviews, audit response activities, and compliance reporting. /li liDevelop and present executive-level cybersecurity metrics, risk assessments, and compliance status reports to support informed decision-making. /li liCoordinate cybersecurity inspections, audits, and assessments, ensuring timely remediation of findings from Security Control Assessors (SCAs), Inspector General (IG), Government Accountability Office (GAO), and other oversight organizations. /li liProvide leadership and oversight during cybersecurity incidents, coordinating response efforts, risk mitigation strategies, and post-incident corrective actions. /li liSupervise, mentor, and provide technical guidance to ISSOs, cybersecurity analysts, and security personnel while fostering a culture of security awareness and accountability. /li liDevelop and manage cybersecurity awareness, role-based training, and workforce development programs to enhance organizational cybersecurity maturity. /li liSupport cybersecurity budget planning, resource management, acquisition activities, and evaluation of emerging security technologies to strengthen organizational security posture. /li liAdvise senior leadership on cybersecurity strategy, emerging threats, organizational risk exposure, and regulatory compliance requirements to ensure secure and mission-aligned operations. /li /ul h3Required Qualifications /h3 ul liBachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field (Master's degree preferred). /li li10+ years of experience in Information Assurance, Cybersecurity, Information Security, or Risk Management, including at least 5 years in a leadership or management role. /li liExperience managing NIST Risk Management Framework (RMF) activities, system authorization efforts, and cybersecurity compliance programs. /li liExperience supporting federal government, Department of Defense (DoD), Intelligence Community (IC), or other regulated cybersecurity environments. /li liStrong knowledge of NIST RMF, NIST SP 800-53, FISMA, and related federal cybersecurity requirements. /li liExperience with continuous monitoring, vulnerability management, risk assessment, and security compliance activities. /li liCISSP certification required; CISM, CAP, or GSLC certifications are a plus. /li liExperience with eMASS or similar authorization management platforms preferred. /li liActive DoD Secret security clearance required (DoD Top Secret/SCI eligibility preferred). /li liU.S. Citizenship. /li /ul h3Benefits and Perks /h3 ul liCompetitive salary, paid biweekly. /li li$100 monthly reimbursement for cell phone and Internet. /li li$3000 yearly training budget. /li liTop-tier medical, dental, and vision insurance coverage. /li liMedical, dental, and vision insurance premiums covered 100% by Foxtrot Division. /li liGenerous PTO policy with 15 days of annual leave and 11 paid holidays. /li liParental leave. /li liOn-the-spot cash awards. /li liFoxtrot Division sponsored events and activities. /li /ul /p #J-18808-Ljbffr