1

Information Security Manager Jobs in Reston, VA (NOW HIRING)

Working directly with the Information Security Manager, this role helps protect the organization's users, systems, applications, and data by monitoring security events, investigating incidents ...

Working directly with the Information Security Manager, this role helps protect the organization's users, systems, applications, and data by monitoring security events, investigating incidents ...

Information Security * Derivative classification * Local security procedures * Ensure annual refresher training is conducted. * Process SAAR for network access. * Manage DISS clearances and VARs for ...

Information Security * Derivative classification * Local security procedures * Ensure annual refresher training is conducted. * Process SAAR for network access. * Manage DISS clearances and VARs for ...

The Security Manager will provide policy support and technical guidance for personnel, information, and industrial security. * Facilitate development of enterprise procedures to conduct full criminal ...

The Security Manager will provide policy support and technical guidance for personnel, information, and industrial security. * Facilitate development of enterprise procedures to conduct full criminal ...

next page

Showing results 1-20

Information Security Manager information

See Reston, VA salary details

$65K

$141.6K

$208.1K

How much do information security manager jobs pay per year?

As of Jul 17, 2026, the average yearly pay for information security manager in Reston, VA is $141,597.00, according to ZipRecruiter salary data. Most workers in this role earn between $115,000.00 and $167,000.00 per year, depending on experience, location, and employer.

What are some common challenges Information Security Managers face when implementing new security protocols within an organization?

Information Security Managers often encounter resistance to change from staff when introducing new security protocols, as these measures can sometimes disrupt established workflows. Balancing security requirements with business needs is also a frequent challenge, requiring negotiation and effective communication across departments. Additionally, staying ahead of constantly evolving threats and ensuring that all team members are properly trained can be demanding, but overcoming these challenges is crucial for maintaining a robust security posture.

What are the key skills and qualifications needed to thrive as an Information Security Manager, and why are they important?

To thrive as an Information Security Manager, you need a strong understanding of cybersecurity principles, risk management, and regulatory compliance, typically backed by a relevant degree and professional certifications like CISSP or CISM. Familiarity with security information and event management (SIEM) systems, vulnerability assessment tools, and incident response frameworks is essential. Leadership, strategic thinking, and excellent communication skills help you effectively manage teams and convey complex security concepts to stakeholders. These skills and qualities are crucial for protecting organizational assets, ensuring regulatory compliance, and maintaining business continuity.

What is the difference between Information Security Manager vs Security Analyst?

AspectInformation Security ManagerSecurity Analyst
CertificationsCISSP, CISM, CISACompTIA Security+, GIAC Security Essentials
Work EnvironmentOversees security policies, manages teams, strategic planningMonitors security systems, analyzes threats, implements security measures
Employer & Industry UsageUsed in organizations with dedicated security teams across industriesCommon in IT departments, security operations centers

The main difference is that the Information Security Manager focuses on strategic security management and team leadership, while the Security Analyst handles day-to-day security monitoring and threat analysis. Both roles require relevant certifications and are vital in maintaining organizational security, but they differ in scope and responsibilities.

What does an Information Security Manager do?

An Information Security Manager is responsible for overseeing an organization's information security program, ensuring that sensitive data is protected from threats such as cyberattacks and unauthorized access. They develop and implement security policies, conduct risk assessments, and manage teams to respond to security incidents. Information Security Managers also ensure compliance with relevant laws and regulations and regularly educate staff on best security practices. Their role is critical in maintaining the confidentiality, integrity, and availability of information assets.

What Is an Information Security Manager?

The job duties of an information security manager involve overseeing the effort to protect networks, computers, and data from cyber attacks, viruses, and other security breaches. In this career, your responsibilities include creating IT security features that can protect your company’s data. In addition to building systems to protect against hacking, you must also be ready to lead the response when a security breach occurs. As an information security manager, you are responsible for creating and implementing practices and policies that employees can use to protect their employer's networks and data.

What are the most commonly searched types of Information Security jobs in Reston, VA? The most popular types of Information Security jobs in Reston, VA are:
What are popular job titles related to Information Security Manager jobs in Reston, VA? For Information Security Manager jobs in Reston, VA, the most frequently searched job titles are:
What job categories do people searching Information Security Manager jobs in Reston, VA look for? The top searched job categories for Information Security Manager jobs in Reston, VA are:
What cities near Reston, VA are hiring for Information Security Manager jobs? Cities near Reston, VA with the most Information Security Manager job openings:
Infographic showing various Information Security Manager job openings in Reston, VA as of July 2026, with employment types broken down into 1% As Needed, 72% Full Time, 23% Part Time, 1% Temporary, and 3% Contract. Highlights an 96% Physical, 1% Hybrid, and 3% Remote job distribution, with an average salary of $141,597 per year, or $68.1 per hour.
Information Systems Security Manager II with Security Clearance

Information Systems Security Manager II with Security Clearance

Amyx Inc

Springfield, VA • On-site

Other

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 2 days ago


Job description

Amyx is seeking to hire a Information Systems Security Manager-Advanced to support our Cybersecurity Division in the NCE Springfield, VA area. Responsible for the cybersecurity of a program, organization, system, or enclave. Responsibilities * Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk. * Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program. * Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. * Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements. * Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture. * Collect and maintain data needed to meet system cybersecurity reporting. * Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders. * Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance. * Ensure that security improvement actions are evaluated, validated, and implemented as required. * Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment. * Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s). * Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture. * Establish overall enterprise information security architecture (EISA) with the organization's overall security strategy. * Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed. * Evaluate cost/benefit, economic, and risk analysis in decision-making process. * Identify alternative information security strategies to address organizational security objective. * Identify information technology (IT) security program implications of new technologies or technology upgrades. * Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information. * Interpret and/or approve security requirements relative to the capabilities of new information technologies. * Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program. * Lead and align information technology (IT) security priorities with the security strategy. * Lead and oversee information security budget, staffing, and contracting. * Manage the monitoring of information security data sources to maintain organizational situational awareness. * Manage the publishing of Computer Network Defense guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports, * Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection. * Oversee the information security training and awareness program. * Participate in an information security risk assessment during the Security Assessment and Authorization process. * Participate in the development or modification of the computer environment cybersecurity program plans and requirements. * Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations. * Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans. * Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities. * Provide system-related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents. * Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to higher headquarters. * Recognize a possible security violation and take appropriate action to report the incident, as required. * Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements. * Recommend policy and coordinate review and approval. * Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered. * Track audit findings and recommendations to ensure that appropriate mitigation actions are taken. Use federal and organization-specific published documents to manage operations of their computing environment system(s). * Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals. * Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies. * Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk. * Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements. * Identify security requirements specific to an information technology (IT) system in all phases of the system life cycle. * Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. * Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals. * Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs). * Participate in the acquisition process as necessary, following appropriate supply chain risk management practices. * Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals. * Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. * Forecast ongoing service demands and ensure that security assumptions are reviewed as necessary. * Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate. Microsoft Office Suites; SharePoint; Nessus, Xacta, ServiceNow, Archer, Assessment Tools Qualifications Required: * Bachelor degree or higher from an accredited college or university (Recommend an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.) * Clearance: TS/SCI * DoD 8140 Certification: CISSP-ISSMP or GSLC * Skill in creating policies that reflect system security objectives. * Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. * Skill in evaluating the trustworthiness of the supplier and/or product. Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. * Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements). * Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations. Benefits include: * Medical, Dental, and Vision Plans (PPO & HSA options available) * Flexible Spending Accounts (Health Care & Dependent Care FSA) * Health Savings Account (HSA) * 401(k) with matching contributions * Roth * Qualified Transportation Expense with matching contributions * Short Term Disability * Long Term Disability * Life and Accidental Death & Dismemberment * Basic & Voluntary Life Insurance * Wellness Program * PTO * 11 Holidays * Professional Development Reimbursement Please contact with any questions! Amyx is proud to be an Equal Opportunity Employer. All qualified candidates will be considered without regard to race, color, religion, national origin, age, disability, sexual orientation, gender identity, status as a protected veteran, or any other characteristic protected by law. Amyx is a VEVRAA federal contractor and we request priority referral of veterans. Physical Demands Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.