
Contract Information System Security Manager ISSM Jobs


Contract Information System Security Manager ISSM information

Salary details: $46K / $118.3K / $184.5K

How much do contract information system security manager (ISSM) jobs pay per year?

As of Jun 9, 2026, the average yearly pay for a contract information system security manager (ISSM) in the United States is $118,327.00, according to ZipRecruiter salary data. Most workers in this role earn between $95,000.00 and $138,000.00 per year, depending on experience, location, and employer.

Infographic showing various Contract Information System Security Manager ISSM job openings in the United States as of May 2026, with employment types broken down into 65% Full Time, 33% Part Time, and 2% Contract. Highlights a 94% Physical, 2% Hybrid, and 4% Remote job distribution, with an average salary of $118,327 per year, or $56.9 per hour.

Information Systems Security Manager (ISSM)

E-Space

Arlington, TX • On-site

Full-time

Posted 26 days ago


Job description

Job Summary:
E-Space is bridging Earth and space to enable hyper-scaled deployments of Internet of Things (IoT) solutions and services. The Information Systems Security Manager (ISSM) is responsible for the cybersecurity posture and compliance of classified information systems, ensuring adherence to regulations and managing security policies and incident responses.
Responsibilities:
• Lead the Assessment and Authorization (A&A) process for all classified IS under the Risk Management Framework (RMF) in accordance with NIST SP 800-37 and DAAPM.
• Prepare, maintain, and submit System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), and Authorization to Operate (ATO) packages.
• Serve as the primary liaison with DCSA and Government customer representatives during system assessments, inspections, and audits.
• Maintain and manage the System Security Authorization Agreement (SSAA) or equivalent documentation for all IS operating at the TS level or above.
• Ensure all classified information systems comply with 32 CFR Part 117 (NISPOM), applicable DoD and IC cybersecurity policies, Contract Data Requirements List (CDRLs), and Statement of Work (SOW) security requirements.
• Develop, implement, and maintain facility-level Information Systems Security policies, procedures, and Standard Operating Procedures (SOPs).
• Enforce configuration management (CM) controls and ensure all hardware/software changes to classified IS are reviewed and approved prior to implementation.
• Conduct periodic self-inspections of classified IS programs and remediate findings in coordination with the FSO and program leadership.
• Implement and manage a Continuous Monitoring (ConMon) program for all authorized classified information systems.
• Monitor audit logs, SIEM alerts, and vulnerability scan results; investigate anomalies and potential insider threats.
• Serve as the Facility Incident Response Manager for classified information system security incidents; coordinate reporting to DCSA and GCAs within required timeframes.
• Conduct or oversee technical vulnerability assessments and penetration testing as required by the CSA or contract requirements.
• Oversee ISSM-delegated Information System Security Officer (ISSO) personnel; provide mentorship, task delegation, and performance oversight.
• Develop and deliver annual IS security awareness training and role-based training for users of classified information systems.
• Maintain personnel access records and access control lists (ACLs) for all classified IS; ensure need-to-know verification prior to system access grants.
• Coordinate with the FSO to ensure the integration of personnel security and information security requirements.
• Coordinate with facilities and physical security teams to ensure IS are housed in appropriately accredited spaces (SCIFs, Closed Areas, SAPs) in accordance with ICD 705 and DCSA physical security standards.
• Manage and enforce media protection, sanitization, and destruction procedures for classified storage media in accordance with NSA/CSS EPL requirements.
• Oversee PKI, multi-factor authentication (MFA), and privileged access management (PAM) implementations across classified networks.
Qualifications:
Required:
• Active Top Secret (TS) security clearance; SCI eligibility required or must be obtainable within 6 months of hire
• Minimum of 10 years of progressive experience in information systems security within a DoD or Intelligence Community classified environment, with 5 or more years of direct experience as an ISSM, ISSP, Security Control Assessor (SCA), or equivalent position
• Demonstrated ISSM or ISSO experience supporting DCSA-adjudicated classified IS programs under NISPOM/DAAPM
• A minimum of 3 years of direct working knowledge of the NIST RMF process (NIST SP 800-37, 800-53, 800-171) and DoD Assessment Methodology (DAAPM)
• Experience preparing and managing ATOs, SSPs, SAPs, and POA&Ms for TS and SCI-level information systems
• Proficiency with eMASS (Enterprise Mission Assurance Support Service) or equivalent GRC tool
• Working knowledge of SIEM platforms, vulnerability scanners (e.g., ACAS/Nessus), and HBSS/endpoint security tools
• IAM Level II or III certification required per DoD 8570.01-M / DoD 8140 (e.g., CISSP, CISM, GSLC, or equivalent)
• Master’s degree or Bachelor's degree with equivalent work experience and certifications in Cybersecurity, Information Technology, Computer Science, or a related technical discipline, OR equivalent verifiable experience
Preferred:
• Current TS/SCI access with polygraph (CI or Full Scope)
• Experience supporting Special Access Programs (SAPs) or Sensitive Compartmented Information Facilities (SCIFs)
• Familiarity with Cross Domain Solutions (CDS), data transfer processes, and CDSE/NSA approval workflows
• Experience with Linux and Windows hardened STIG baseline implementation and validation
• Knowledge of ICD 503, ICS 500-27, and CNSSI 1253 security control overlays
• Prior DCSA inspection experience (NISP, SAP, or SCI programs)
• Additional certifications such as CASP+, CCSP, Security+, or CEH are a plus
• Direct experience managing the system lifecycle of connected classified systems including Secret Defense Research and Engineering Network (SDREN), Secret Internet Protocol Router Network (SIPRNET), Non-classified Internet Protocol Router Network (NIPRNET), and Joint Worldwide Intelligence Communications System (JWICS) systems
Company:
E-Space is bridging Earth & space with the most sustainable LEO space system, delivering real-time, anywhere comms, IoT & Smart-IoT services. Founded in 2021, the company is headquartered in Toulouse, FRA, with a team of 201-500 employees. The company is currently in the Growth Stage.