
ISSM Jobs in California (NOW HIRING)

$80K - $149K/yr

Reporting all security-related incidents to the ISSM and/or FSO. * Conducting continuous monitoring of environments to ensure compliance with security authorization packages. * May serve as a ...

Provide ISSM oversight for engineering teams, including secure architecture reviews and change‑control participation. * Support containerized architectures including EKS, Kubernetes, and ...

ISSM information

$45.4K

$116.8K

$182.1K

How much do ISSM jobs pay per year?

As of Jul 2, 2026, the average yearly pay for an ISSM in California is $116,777.00, according to ZipRecruiter salary data. Most workers in this role earn between $93,800.00 and $136,200.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the ISSM position, and why are they important?

To excel as an Information System Security Manager (ISSM), you need a strong background in information security, risk management, and compliance, typically supported by a degree in cybersecurity, computer science, or a related field. Familiarity with security frameworks (such as NIST or ISO 27001), vulnerability assessment tools, and certifications like CISSP or CISM are commonly required. Leadership, attention to detail, and effective communication are important soft skills for managing security teams and collaborating across departments. These skills help ensure organizational data is protected, compliance standards are met, and business operations remain secure.

What is an ISSM job?

An Information Systems Security Manager (ISSM) is responsible for overseeing and implementing cybersecurity policies for an organization's information systems. They ensure compliance with security standards, manage risk assessments, and coordinate with security teams to protect sensitive data. ISSMs work closely with IT and leadership to develop and enforce security strategies that align with regulatory requirements.

What are the typical daily responsibilities of an Information System Security Manager (ISSM)?

An ISSM’s daily responsibilities often include overseeing the implementation and monitoring of security controls, performing regular risk assessments, and ensuring compliance with relevant security policies and regulations. You may also coordinate incident response efforts, review system access logs, and provide guidance to IT staff on best practices. Additionally, ISSMs frequently interact with auditors, senior management, and cross-functional teams to report on security findings and advise on system improvements. This role requires staying current with emerging threats and adapting security strategies to protect organizational assets effectively.

How much does an ISSM make?

An Information Systems Security Manager (ISSM) typically earns between $100,000 and $160,000 annually, depending on experience, certifications like CISSP, and the organization. Salaries in the Washington, D.C. area tend to be higher due to the demand for cybersecurity expertise in government and defense sectors.

What is the career path of the ISSM?

An Information Systems Security Manager (ISSM) typically advances through roles such as cybersecurity analyst, security engineer, and security architect before reaching the ISSM position. Career progression often involves gaining certifications like CISSP and experience in information security management, with opportunities to move into senior leadership or specialized security roles.

What can I do with an information systems management degree?

An information systems management degree prepares individuals for roles such as IT manager, systems analyst, network administrator, or cybersecurity manager. These positions involve overseeing technology infrastructure, managing IT projects, and ensuring data security, often requiring knowledge of project management, networking, and relevant certifications like CISSP or PMP.

Can you make $200,000 in cyber security?

Cybersecurity professionals, including roles like ISSM (Information Systems Security Manager), can earn $200,000 or more with extensive experience, advanced certifications (such as CISSP or CISM), and leadership responsibilities. Salaries vary based on industry, location, and organization size, with senior and specialized positions typically offering higher compensation.
What job categories do people searching ISSM jobs in California look for? The top searched job categories for ISSM jobs in California are:
What cities in California are hiring for ISSM jobs? Cities in California with the most ISSM job openings:
Infographic showing various ISSM job openings in California as of June 2026, with employment types broken down into 91% Full Time, 3% Part Time, and 6% Contract. Highlights a 94% In-person, 3% Hybrid, and 3% Remote job distribution, with an average salary of $116,777 per year, or $56.1 per hour.
Information Systems Security Manager

Systems Planning and Analysis

San Diego, CA • On-site

$125K - $175K/yr

Full-time

Medical, Life, Retirement

Posted 24 days ago


Job description

Overview
Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted.
The Cybersecurity Pillar under SPA's CIO establishes and maintains a robust cybersecurity posture and policy architecture across SPA's information systems. The team manages cyber policy, develops control implementations and system security plans, continuously monitors SPA systems, and performs routine cyber operations including patching, auditing, and incident response. Cybersecurity is critical to SPA's mission; therefore we strive to offer secure solutions that ensure data is protected while meeting the needs of the business.
In this role, you will serve as the Information Systems Security Manager (ISSM) for multiple systems operating under SPA's Operations Research and Cyber Analysis (C5ISR/ORCA) Group. This requires the individual to operate with autonomy while interfacing directly with SPA clients and leaders overseeing the business unit's operation.
This position will develop information system solutions following the Risk Management Framework (RMF), with implementations following the DAAG/DAAPM and CMMC. The ISSM will be responsible for attaining and maintaining system assessments and authorizations through government authorizing agencies, from requirements through operational deployment. The ISSM will implement requirements to establish classified communication links including internet, phone, video teleconferencing, and other vital communications channels. The successful candidate will coordinate requirements with DoD agencies to ensure mission accomplishment and the protection of sensitive information.
Responsibilities:
  • Develop and maintain enterprise-wide RMF information security policies, standards, guidelines, procedures, and artifacts following the RMF framework.
  • Oversees the development and deployment of the information security program for multiple classified systems to meet business and enterprise requirements, policies, standards, guidelines, and procedures.
  • Prepares, reviews, and presents technical reports and briefings.
  • Create and maintain the System Security Plans (SSP) and associated documentation.
  • Create a book of business for Cybersecurity Team.
  • Maintain compliance of accredited information systems based on federal and DoD security standards.
  • Manages and performs security compliance via continuous monitoring.
  • Identifies root causes, prioritizes threats and recommends and/or implements corrective actions.
  • Research and address information security issues as required as an authority on the subject.
  • Ensure systems are operated, maintained, and disposed of in accordance with internal and DCSA security policies and practices.
  • Participate in internal and external security audits and inspections; performs risk assessments.
  • Evaluate proposed changes or additions to the information system and assess their security relevance.
  • Ensure configuration management (CM) for security relevant IS software, hardware, and firmware is maintained and documented.
  • Conduct investigations of computer security violations and incidents, reporting as necessary.
  • Ensure proper protection and / or corrective measures have been taken when an incident or vulnerability has been discovered.
  • Communicate, implement and manage a formal Information Security / Information Systems Security Program together with CISO, CIO, and ISO.
  • Receive and respond to incoming calls and/or e-mails regarding end-user or system problems.
  • Interface with third-party support and equipment vendors as needed.

Some travel may be required.
At SPA, we strive to deliver a robust total compensation package that will attract and retain top talent. Elements of the compensation package include competitive base pay and variable compensation opportunities.
SPA provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and several programs that provide for both paid and unpaid time away from work.
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, etc.
Please note that the salary information shown below is a general guideline only. Salaries are commensurate with experience and qualifications, as well as market and business considerations. California Pay Transparency Range: $125,000-$175,000
Qualifications:
  • Bachelor's degree in Information Security, Information Technology, or related discipline, or equivalent experience/combined education, with 5+ years of professional experience.
  • Must have and maintain a DoD 8570.01-M (Information Assurance Workforce) IAM Level II certification (e.g. CAP, CISM, or CISSP).
  • A minimum of 3 years of direct experience with RMF artifacts, obtaining and maintaining system ATOs, and implementing new and complex technologies at multiple classification levels within large enterprise environments.
  • A minimum of 3 years of direct experience performing continuous monitoring and cybersecurity hygiene of Windows domains and network enclaves.
  • A minimum of 5 years of direct experience working with federal/government agencies in sensitive and classified environments.
  • A minimum of 3 years of direct experience with Risk Management Framework (RMF), NIST 800-53, DAAG/DAAPM, and other legal and regulatory guidance.
  • Active Secret security clearance.

Desired Skills:
  • At least 3 years' experience in the deployment, configuration, and troubleshooting of information technology equipment.
  • Ability to understand information systems equipment configurations (switches, routers, IDS, firewalls, servers, storage, etc.).