Cybersecurity Manager/ISSO

Responsibilities

• Communicate the value of information technology security to stakeholders across all organizational levels.
• Advise senior leadership on changes that impact cybersecurity posture, including evolving risks and compliance status.
• Collaborate with a geographically dispersed team to coordinate cybersecurity inspections, tests, and reviews.
• Develop, distribute, and maintain security-related plans, instructions, SOPs, and guidance for the operational environment.
• Communicate security and compliance matters to government leaders, operations, and ISSO personnel.
• Deliver status updates on cybersecurity metrics, risk indicators, compliance trends, and key results to senior government and GDIT leadership.
• Oversee policy standards and ensure implementation strategies align with established cybersecurity requirements.
• Ensure successful implementation of security requirements, policies, and procedures consistent with approved security baselines.
• Provide remediation guidance to cybersecurity staff and ensure compliance with regulatory, contractual, and policy requirements.
• Support updates to policies, procedures, and standards using NIST 800 ‑ 53, best practices, and emerging compliance needs.
• Align IT security priorities with the broader cybersecurity strategy, including interpreting security requirements for new technologies.
• Support acquisition activities in accordance with DoW/USAF supply ‑ chain ‑ risk ‑ management practices.
• Assist with management of cybersecurity budgets, staffing, and contractual objectives.
• Perform cybersecurity activities for a large program; support policy creation, dissemination, and auditing.
• Support government ISSMs in preparing ATO, ATC, IATT, POA&M, and other RMF/ISSO documentation as required.
• Support development and execution of required ST&V plans.
• Produce ISSO materials, including project briefs and RMF action status for DoW IT packages.
• Provide analysis of system architecture, security impact assessments, and risk mitigation strategies.
• Provide security design oversight for build processes of servers, services, and endpoints.
• Ensure compliance with hosting facility ATOs for dependent systems.
• Implement and enforce strong cybersecurity and vulnerability management practices.
• Conduct compliance and vulnerability audits using STIG Viewer, DISA SCAP, eMASSter, ACAS, and ESS Policy Auditor across Linux, Windows, Cisco, Juniper, VMware, and related technologies.
• Execute Continuous Monitoring activities, including creation, tracking, and closure of POA&Ms and Risk Acceptances.
• Communicate threat information to government leadership and cybersecurity teams to support risk decisions.
• Execute DoW RMF in accordance with DoW 8510, including security control validation and test coordination.
• Coordinate with AFRL, USAF, and other agencies for audits, inspections, CVAs, ST&Vs, and CCRI events as required.
• Assess change requests (firewall, systems, networks) to determine organizational risk.
• Maintain information system integrity through enforcement of organizational security policies and vulnerabilit

Requirements

• Information Assurance, Security Requirements, Vulnerability Assessments Certifications:
• None Experience:
• 10 + years of related experience US Citizenship Required:
• Yes
• Job Description:

Additional Information

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret/SCI Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications:

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at General Dynamics IT? Share your experience