Information System Security Manager (ISSM)

3 Months ago • All levels • $165,600 PA - $198,720 PA

Job Summary

Job Description

The Information System Security Manager (ISSM) will lead public sector security compliance projects and audits, collaborating with various teams to implement controls and achieve certifications. Responsibilities include ensuring security configurations, serving as a liaison between stakeholders, developing documentation, conducting vulnerability scans, and leading Risk Management Assessment and Authorization (A&A) processes. The role involves implementing security standards, creating ATO packages, conducting compliance reviews, and providing security awareness training. This position requires a candidate who can solve challenging problems and build strong teams, requiring effective communication and collaboration skills.
Must have:
  • Active US Top Secret security clearance.
  • Minimum IAT Level 2 certification (Security +, CASP, or similar).
Good to have:
  • Experience with FedRAMP, DoD Cloud Computing SRG, NIST 800-171, NIST 800-53, CMMC, NIST 800-53.
  • STIG/RMF policy knowledge & implementation.
  • Experience in project management.
  • Ability to translate between business and technical risk and communicate to leadership.
  • Excellent organizational and communications skills.
  • Understanding of cybersecurity controls for cloud service providers.
  • Knowledge of AWS and other government authorized cloud services.
  • 5+ years of security compliance or technology audit related experience.

Job Details

Our Security team works on operational issues at the leading edge of machine learning technology. You will join a creative and solutions-oriented team collaborating with internal teams at Scale and externally with our customers. Scale is looking for an experienced security and compliance professional to support Assessment and Authorization and agency audit activities for Scale’s products that are offered in the US Government and global Public Sector space. We are looking for relentlessly curious, deliberately open-minded, and action-oriented generalists who can design effective legal advice, internal policies, and operational processes while employing an empathetic interpersonal style. If you enjoy solving novel and challenging problems and building strong teams and relationships while doing it, we’d love to hear from you!

You will:

  • Lead public sector security compliance projects and audits (FedRAMP HIGH, DoD Cloud Computing SRG IL4/IL5/IL6 , NIST 800-53 rev 5, NIST 800-171/CMMC, Risk Management Framework)
  • Collaborate with product, engineering, security, operations, people operations, and legal to implement new technical, administrative, and operational controls
  • Work with 3PAOs and federal government AOs to achieve compliance certifications and reports
  • ​​Ensure the implementation, oversight, monitoring, and maintenance of security configurations, practices, and procedures 
  • Serve as a liaison between system owners and other security personnel, ensuring that selected security controls are effectively implemented and maintained throughout the lifecycle of projects
  • Act as a liaison between system owners and other security personnel to facilitate effective communication and collaboration
  • Develop, maintain, review, and update system security documentation on a continuous basis 
  • Conduct required vulnerability scans and develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities. Manage risks by coordinating correction or mitigation actions and tracking the completion of POAMs 
  • Coordinate system owner concurrence for correction or mitigation actions and monitor security controls to maintain security Authorized To Operate (ATO)
  • Upload security control evidence to the Governance, Risk, and Compliance (GRC) application (eMASS or Xacta) to support security control implementation during the monitoring phase
  • Lead Risk Management Assessment and Authorization (A&A) processes for deployments
  • Perform Cloud system risk assessments, enhance process workflows, and develop new processes
  • Implement all applicable manual Security Technical Implementation Guides (STIGs), vendor hardening guides and ensuring timely installation of all available patches
  • Create and maintain ATO packages
  • Lead security compliance reviews for new products, changes, and features
  • Proactively evaluate and advise the business on new and evolving certification programs, requirements, and technologies
  • Develop and provide training to improve the security awareness and knowledge for all employees and contractors

Required:

Active US Top Secret security clearance with minimum IAT Level 2 certification (Security +, CASP, or similar) 

Ideally you’d have:

  • Experience implementing and maintaining some of the following frameworks and standards: FedRAMP, DoD Cloud Computing SRG, NIST 800-171, NIST 800-53, CMMC, NIST 800-53.
  • STIG/RMF policy knowledge & implementation, including validating compliance via ACAS and other relevant tests.
  • Experience in project management and taking projects from conception to launch
  • An ability to translate between business and technical risk and communicate clearly to leadership
  • Excellent organizational and communications skills
  • Understanding of cybersecurity controls for cloud service providers
  • Knowledge of AWS and other government authorized cloud services
  • 5+ years of security compliance or technology audit related experience

Nice-to-haves:

  • Bachelor’s degree in accounting, information systems, computer science, or a related field

Similar Jobs

Tesla - Senior Direct Materials Buyer

Tesla

Brandenburg, Germany (On-Site)
5 Months ago
P99 soft - QA Lead (JavaScript)

P99 soft

Hyderabad, Telangana, India (On-Site)
3 Months ago
OKX - BD Director (VIP clients)

OKX

Hong Kong (On-Site)
2 Months ago
bytedance - Product Operation Manager Intern

bytedance

Singapore (On-Site)
2 Months ago
PlayStation Global - Character Artist (ExDev - Contract)

PlayStation Global

Los Angeles, California, United States (On-Site)
5 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Ziff Davis - Sales Operations Manager

Ziff Davis

United States (Remote)
2 Months ago
Whatnot - Strategy & Operations Associate, Commerce

Whatnot

New York, United States (On-Site)
2 Months ago
Lead Venture - SEO Specialist

Lead Venture

Belmopan, Cayo District, Belize (On-Site)
1 Month ago
Any Desk - Software Developer C++

Any Desk

Stuttgart, Baden-Württemberg, Germany (On-Site)
2 Months ago
Tesla - Service Technician / Automotive Mechanic

Tesla

England, United Kingdom (On-Site)
5 Months ago
grendel games - Product Marketer

grendel games

Leeuwarden, Friesland, Netherlands (Hybrid)
4 Weeks ago
bytedance - Machine Learning Engineer Intern (Knowledge Graph) - 2024 Start (PhD)

bytedance

Seattle, Washington, United States (On-Site)
9 Months ago
Hitachi - Microsoft Dynamics 365 CE Developer (Offshore Delivery)

Hitachi

Pune, Maharashtra, India (Remote)
9 Months ago
OKX - Internal Audit Lead

OKX

İstanbul, Türkiye (On-Site)
2 Months ago
WebFX - Junior Outreach Strategist (Non-Client Facing)

WebFX

Harrisburg, Pennsylvania, United States (On-Site)
2 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Washington, District of Columbia, United States

Nice - Mid-level Software Engineer

Nice

Park City, Utah, United States (On-Site)
1 Month ago
Kavalirio - Senior Electrical Project Manager

Kavalirio

Garden City, Georgia, United States (On-Site)
1 Month ago
Absurd Ventures - General Audio Fiction Application

Absurd Ventures

Santa Monica, California, United States (On-Site)
3 Months ago
GoMotive - Account Executive, Enterprise

GoMotive

United States (Remote)
3 Months ago
Kavalirio - Senior Customer Service Support Engineer

Kavalirio

Dulles, Virginia, United States (On-Site)
3 Months ago
SBM Management - Custodial Lead

SBM Management

Topeka, Kansas, United States (On-Site)
2 Months ago
Riot Games - Service Reliability Analyst II - ITIL

Riot Games

Los Angeles, California, United States (On-Site)
3 Months ago
bytedance - Backend Engineer(Distributed System) - Network Security - San Jose

bytedance

San Jose, California, United States (On-Site)
9 Months ago
SBM Management - Assistant Operations Manager - MIT

SBM Management

Wichita, Kansas, United States (On-Site)
3 Months ago
ISG - Associate Director

ISG

Stamford, Connecticut, United States (Remote)
3 Months ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

London, England, United Kingdom (On-Site)

London, England, United Kingdom (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (Hybrid)

View All Jobs

Get notified when new jobs are added by Scale AI

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug