1

Issm Jobs in Oregon (NOW HIRING)

Overview We're looking for an Information Systems Security Manager (ISSM) to lead the authorization and continuous compliance of LIGER, an enterprise AI platform for our DHS customer. You'll own the ...

$111K - $192K/yr

You will serve as the primary point of contact for the ISSM, the Authorizing Official's representative, and the engineering team on all matters of system security. You will develop and maintain the ...

OR

$114K - $137K/yr

You produce the evidence the mission hero's ISSM/ISSO needs to run this in IL4/IL5. * Contribute field feedback back to product and engineering. File issues, write postmortems, and surface what ...

OR

$105K - $143K/yr

You produce the evidence the mission hero's ISSM/ISSO needs to run this in IL4/IL5. * Be the voice of the mission hero back to product and engineering. File issues, write postmortems, propose ...

Issm information

See Oregon salary details

$48.6K

$125.1K

$195.1K

How much do issm jobs pay per year?

As of Jul 17, 2026, the average yearly pay for issm in Oregon is $125,105.00, according to ZipRecruiter salary data. Most workers in this role earn between $100,400.00 and $145,900.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Issm position, and why are they important?

To excel as an Information System Security Manager (ISSM), you need a strong background in information security, risk management, and compliance, typically supported by a degree in cybersecurity, computer science, or a related field. Familiarity with security frameworks (such as NIST or ISO 27001), vulnerability assessment tools, and certifications like CISSP or CISM are commonly required. Leadership, attention to detail, and effective communication are important soft skills for managing security teams and collaborating across departments. These skills help ensure organizational data is protected, compliance standards are met, and business operations remain secure.

What is an ISSM job?

An Information Systems Security Manager (ISSM) is responsible for overseeing and implementing cybersecurity policies for an organization's information systems. They ensure compliance with security standards, manage risk assessments, and coordinate with security teams to protect sensitive data. ISSMs work closely with IT and leadership to develop and enforce security strategies that align with regulatory requirements.

What are the typical daily responsibilities of an Information System Security Manager (ISSM)?

An ISSM’s daily responsibilities often include overseeing the implementation and monitoring of security controls, performing regular risk assessments, and ensuring compliance with relevant security policies and regulations. You may also coordinate incident response efforts, review system access logs, and provide guidance to IT staff on best practices. Additionally, ISSMs frequently interact with auditors, senior management, and cross-functional teams to report on security findings and advise on system improvements. This role requires staying current with emerging threats and adapting security strategies to protect organizational assets effectively.

How much does an ISSM make?

An Information Systems Security Manager (ISSM) typically earns between $100,000 and $160,000 annually, depending on experience, certifications like CISSP, and the organization. Salaries in the Washington, D.C. area tend to be higher due to the demand for cybersecurity expertise in government and defense sectors.

What is the career path of the ISSM?

An Information Systems Security Manager (ISSM) typically advances through roles such as cybersecurity analyst, security engineer, and security architect before reaching the ISSM position. Career progression often involves gaining certifications like CISSP and experience in information security management, with opportunities to move into senior leadership or specialized security roles.

What can I do with an information systems management degree?

An information systems management degree prepares individuals for roles such as IT manager, systems analyst, network administrator, or cybersecurity manager. These positions involve overseeing technology infrastructure, managing IT projects, and ensuring data security, often requiring knowledge of project management, networking, and relevant certifications like CISSP or PMP.

Can you make $200,000 in cyber security?

Cybersecurity professionals, including roles like ISSM (Information Systems Security Manager), can earn $200,000 or more with extensive experience, advanced certifications (such as CISSP or CISM), and leadership responsibilities. Salaries vary based on industry, location, and organization size, with senior and specialized positions typically offering higher compensation.
Infographic showing various Issm job openings in Oregon as of July 2026, with employment types broken down into 93% Full Time, 4% Part Time, 2% Contract, and 1% Nights. Highlights an 94% Physical, 3% Hybrid, and 3% Remote job distribution, with an average salary of $125,105 per year, or $60.1 per hour.
Cybersecurity - Information Systems Security Manager (ISSM) - Clearance Required

Cybersecurity - Information Systems Security Manager (ISSM) - Clearance Required

LMI

Other

Posted 11 days ago


Job description

Overview

We're looking for an Information Systems Security Manager (ISSM) to lead the authorization and continuous compliance of LIGER, an enterprise AI platform for our DHS customer. You'll own the security management posture for the platform: developing and maintaining the authorization package, driving the Risk Management Framework (RMF) lifecycle, and serving as LIGER's primary security management interface to cyber leadership. This position requires a CBP Background Investigation;  U.S. citizenship is required.

This is a senior, accountable role. While the LIGER cyber engineering team handles hands-on implementation, you own the strategy, the artifacts, and the relationship with Authorizing Officials and ISSOs. You'll translate  DHS security policy into actionable program direction, lead assessment and authorization (A&A) activities, and make sure LIGER reaches and maintains its Authority to Operate (ATO).

LIGER sits within LMI's Chief Technology Office. We're a small, high-visibility team building AI tools for federal agencies. The culture is more startup than traditional government contractor; we move fast, solve problems in design spikes rather than scheduled reviews, and care more about outcomes than process. That said, we're building for users who need reliability and trust, so craft and attention to detail matter, especially in security.

As ISSM, you'll work daily with the platform lead, the cyber engineering team, and product leadership, and directly with cyber stakeholders. You'll set the security management direction for LIGER's deployment and have real influence over how the platform balances rigor with the pace of iteration.

LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed. 

Leveraging our mission-ready technology and solutions, provenexpertisein federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors-helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value. 

Responsibilities

What You'll Do

Lead the full RMF lifecycle for LIGER's deployment, from system categorization and control selection through assessment, authorization, and continuous monitoring

Develop, maintain, and defend the authorization package: System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and supporting artifacts

Serve as LIGER's primary security management point of contact for Authorizing Officials, ISSOs, assessors, and cyber working groups

Advise LMI and government leadership on system risk levels, control effectiveness, and the cybersecurity posture of the platform, including emerging risks unique to AI/LLM systems

Develop and maintain LIGER security policies, procedures, and SOPs aligned to DHS requirements

Direct the work of cyber engineers and ISSOs supporting LIGER, ensuring activities align to compliance objectives and program timelines

Coordinate A&A activities across distributed teams, including engineering, infrastructure, and stakeholders

Track audit findings, remediation actions, and POA&M items to closure, escalating risks as needed

Interpret noncompliance and translate it into impact assessments and risk-informed mitigation plans

Support FedRAMP-aligned control implementation and inheritance where applicable

Stay current on evolving federal cybersecurity policy and translate changes into LIGER program direction

Qualifications

What We're Looking For

  • Active CBP Background Investigation required;  U.S. citizenship is required.
  • Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or a related field
  • 8+ years of experience in cybersecurity, information assurance, or related fields, with significant time in federal environments
  • 5+ years of hands-on RMF experience, including ATO development and continuous monitoring against NIST 800-53
  • Demonstrated experience leading authorization activities and serving as the primary security interface to government Authorizing Officials and assessors
  • CISSP, CISM, or equivalent senior-level cybersecurity certification
  • Experience securing LLM, GenAI, or agentic AI systems, including data handling, prompt and tool-call risk, and model output controls
  • Strong working knowledge of cloud security in AWS, particularly GovCloud or similar high-compliance environments
  • Experience writing, defending, and maintaining ATO-grade documentation that holds up to assessor and AO review
  • Ability to translate compliance requirements into specific engineering work and direct technical staff toward closure
  • Excellent written and verbal communication skills, with the ability to brief senior government and industry leaders on risk and compliance posture
  •  

What Will Set You Apart

Active CBP Background Investigation or prior CBP/DHS program support

Direct experience leading ATO or continuous authorization for systems hosted at DHS, or another DHS component

Familiarity with DHS 4300A and specific cybersecurity policies and processes

FedRAMP authorization or assessment experience (Moderate or High)

Experience securing LLM, GenAI, or agentic AI systems in federal environments

Familiarity with CISA Binding Operational Directives, Continuous Diagnostics and Mitigation (CDM), or High Value Asset (HVA) program requirements

Experience with ATO documentation tooling (e.g., Xacta, OpenRMF, or similar)

Experience integrating security and compliance activities into DevSecOps pipelines

Job LocationsUS-RemoteEmployment Type: OTHER