Emass Jobs (NOW HIRING)

Zachary Piper Solutions is seeking an Information Systems Security Manager to support a high-visibility National Security contract in Arlington, VA (100% onsite) . The Information Systems Security Manager will bring deep expertise in DoD cybersecurity governance, RMF execution, & enterprise ISSM operations supporting emerging AI, data, and analytics capabilities. The ISSM will play a critical role in maturing enterprise cybersecurity practices, managing authorization workflows, mentoring personnel, & ensuring consistent, scalable security operations across a fast-paced and mission-critical environment. Responsibilities of the Information Systems Security Manager include: * Lead Program Operations: Serve as the primary contract point of contact, managing day-to-day activities, priorities, deliverables, & stakeholder coordination * Manage RMF & Authorization Workflows: Oversee authorization activities in eMASS, including package development, approvals, inheritance, reciprocity, & continuous monitoring * Drive Enterprise Governance: Support development & maturation of the ISSM program, standardizing processes, policies, & cybersecurity practices * Track Program Execution: Manage schedules, tasking, risks, dependencies, & deliverables across cybersecurity workstreams * Facilitate Team Coordination: Lead meetings, status briefings, & working sessions with Government & contractor stakeholders * Support Workforce Operations: Coordinate onboarding/offboarding, knowledge transfer, & team integration activities * Develop Policies & Documentation: Author and maintain SOPs, governance frameworks, process guides, & implementation documentation * Enable Control Inheritance: Define & operationalize enterprise-level controls in eMASS, reducing redundancy & improving scalability of ATO processes * Mentor Cyber Personnel: Provide guidance & mentorship to ISSMs, ISSOs, & cybersecurity staff to ensure consistency and quality * Support Training Initiatives: Develop & deliver ISSM training, educational sessions, & knowledge-sharing materials * Standardize Artifacts: Create reusable templates & standardized Body of Evidence artifacts to enhance authorization package quality * Oversee Continuous Monitoring: Support enterprise ConMon activities & ongoing cybersecurity oversight across systems Qualifications of the ISSM Subject Matter Expert (SME) include: * 10+ years of cybersecurity experience * Proven experience managing RMF A&A activities & authorization packages using eMASS or similar GRC tools * Strong knowledge of DoD cybersecurity policies and frameworks * Experience developing cybersecurity policies, SOPs, governance frameworks, & operational procedures * Demonstrated ability to manage program execution, task tracking, & stakeholder communication in fast-paced environments * Experience implementing control inheritance strategies & enterprise cybersecurity standardization * Ability to mentor and develop cybersecurity personnel across multiple programs * Strong written & verbal communication skills with the ability to brief senior military, civilian, & SES leadership * Familiarity with continuous monitoring, FedRAMP, & federal A&A processes * Active TS/SCI clearance required
* Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (Master's preferred or equivalent experience) * IAT/IAM certification * Experience supporting OSD, Joint Staff, or Military Service components * Hands-on experience with eMASS, Xacta, or similar GRC platforms * Experience supporting FedRAMP and federal authorization processes Compensation for the Senior Security Control Assessor Representative includes: * Salary Range: $140,000-170,000 **depending on experience** * Benefits: Medical, Dental, Vision, 401k Plan, Holidays, PTO, sick leave as required by law Keywords: ISSM, Information Systems Security Manager, ISSO, Information Systems Security Officer, ISSE, Information Systems Security Engineer, SME, Subject Matter Expert, National Security, NatSec, federal, government, Arlington, VA, Virginia, DOD, DOW, Department of Defense, Department of War, cybersecurity governance, RMF execution, operations, emerging AI, data, analytics, cyber, cybersecurity, AI, authorization, workflows, mentor, security operations, program operation, RMF, risk management framework, authorization, workflow, eMASS, package development, approvals, inheritance, reciprocity, continuous monitoring, ConMon, Enterprise Governance, standardize, standardization, processes, policies, cybersecurity practices, practices, Program Execution, schedules, tasking, risks, dependencies, deliverables, status briefings, stakeholder, onboarding, onboard, offboarding, offboard, knowledge transfer, team integration, SOP, standard operating procedure, governance frameworks, process guides, implementation documentation, redundancy, scalability, ATO, authority to operate, guidance, mentor, mentorship, train, training, standardize, template, BOE, body of evidence, artifact, authorization, package, A&A, GRC, communication, written, verbal, assessment & authorization, FedRAMP, Information Technology, Computer Science, CS, IT, IAT, IAM, OSD, Joint Staff, Military Service, Xacta, federal authorization, TS, top secret, topsecret, top secret clearance, tssci, ts/sci, ts sci, Ts with sci, ts w/ sci, ts w sci, tswithsci, top secret with sci, CASP, CASP+, CASP +, CISSP, CASP+ CE, CASP+ce, certified information systems security professional, certified informations systems security professional, certified information system security professional, certified advanced security practitioner, comptia casp, comptia CASP+, Iat III, iat level iii, iat3, iat 3, iat level three, iat three, iatthree, iat3, GCED, GCIH, certified information systems auditor, certified information system auditor, GIAC Certified enterprise defender, GIAC certified incident handler, iam iii, iamiii, Iam level iii, iam level 3, iam level three, iam three, iam3, iam 3, cissp, gslc, cciso, certified information security manager, certified information systems security professional, certified information system security professional, giac security leadership, giac security leadership certification, chief information security officer, chief informations security officer, governance risk and compliance, governance risk & compliance, #LI-SW1 #LI-ONSITE