ZipRecruiter

Log In

1

Isso Issm Jobs in Colorado (NOW HIRING)

IC-CAP LLC

ISSM 1 102-133

Colorado Springs, CO · On-site

Prior performance in roles such as ISSO or ISSM; Desired : * SAP Experience; Training: * DoD 8570.01-M IAM Level I (in lieu of IAT Level II) * Combatting Trafficking in Persons (CTIP) Security ...

next page

Showing results 1-20

All JobsIsso Issm JobsIsso Issm Jobs in Colorado

Isso Issm information

What are the main challenges faced by an Information Systems Security Officer (ISSO) or Information Systems Security Manager (ISSM) when working with cross-functional teams?

ISSO/ISSMs often collaborate with IT, compliance, and business units to ensure security policies align with organizational goals. A common challenge is bridging the communication gap between technical and non-technical stakeholders to ensure security requirements are understood and implemented effectively. Additionally, balancing strict security controls with operational needs requires negotiation and adaptability. Building strong relationships and maintaining clear documentation are key to overcoming these challenges and ensuring a secure and compliant environment.

What are the key skills and qualifications needed to thrive as an Information System Security Officer (ISSO) or Information Systems Security Manager (ISSM), and why are they important?

To thrive as an ISSO/ISSM, you need a solid understanding of cybersecurity principles, risk management frameworks (such as NIST RMF), and compliance requirements, usually supported by a degree in information security or a related field. Familiarity with security tools like SIEM systems, vulnerability scanners, and certifications such as CISSP or Security+ are typically required. Strong analytical thinking, attention to detail, and the ability to communicate complex security concepts to diverse audiences are essential soft skills. These skills ensure the effective protection of organizational assets, compliance with regulations, and the ability to respond proactively to evolving security threats.

What is the difference between Isso Issm vs Project Manager?

AspectIsso IssmProject Manager
CertificationsTypically requires ISSM certification, security clearancesOften requires PMP or CAPM certifications
Work EnvironmentPrimarily in cybersecurity, information systems securityIn various industries managing projects across departments
Industry UsageCommon in defense, government, IT security sectorsWidely used across construction, IT, healthcare, and more

While both roles involve managing technical aspects, Isso Issm focuses on information security management within cybersecurity environments, often requiring specific security certifications. Project Managers oversee a broad range of projects across industries, emphasizing planning, execution, and delivery. Understanding these differences helps clarify career paths and employer expectations in respective fields.

What are ISSOs and ISSMs?

Information System Security Officers (ISSOs) and Information System Security Managers (ISSMs) are cybersecurity professionals responsible for the protection and oversight of information systems within an organization, particularly in compliance-driven environments like government or defense. ISSOs focus on the day-to-day security operations, monitoring, and implementation of security controls, while ISSMs are typically responsible for the overall security program management and ensuring compliance with relevant regulations and policies. Both roles are crucial for maintaining the confidentiality, integrity, and availability of sensitive data.
What are popular job titles related to Isso Issm jobs in Colorado? For Isso Issm jobs in Colorado, the most frequently searched job titles are:
What job categories do people searching Isso Issm jobs in Colorado look for? The top searched job categories for Isso Issm jobs in Colorado are:
What cities in Colorado are hiring for Isso Issm jobs? Cities in Colorado with the most Isso Issm job openings:
Isso Issm jobs near you

ISSM 1 102-133

IC-CAP LLC

Colorado Springs, CO • On-site

Full-time

Posted 21 days ago

Job description

Information System Security Manager (ISSM) 1s primary function serves as a principal advisor on all matters, technical and otherwise, involving the security of information systems under their purview. Primary support will be working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense, and Military Compartment efforts. The position will provide day-to-day support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.
Performance shall include:
  • Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integration of existing SAP network infrastructures
  • Develop and oversee operational information systems security implementation policy and guidelines of network security, based upon the Risk Management Framework (RMF) with emphasize on Joint
  • Special Access Program Implementation Guide (JSIG) authorization process
  • Advise customer on Risk Management Framework (RMF) assessment and authorization issues
  • Perform risk assessments and make recommendations to DoD agency customers
  • Advise government program managers on security testing methodologies and processes
  • Evaluate authorization documentation and provide written recommendations for authorization to government PMs
  • Develop and maintain a formal Information Systems Security Program
  • Ensure that all IAOs, network administrators, and other cyber security personnel receive the necessary technical and security training to carry out their duties
  • Develop, review, endorse, and recommend action by the AO or DAO of system assessment documentation
  • Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
  • Develop and execute security assessment plans that include verification that the features and assurances required for each protection level functioning
  • Maintain a and/or applicable repository for all system authorization documentation and modifications
  • Institute and implement a Configuration Control Board (CCB) charter
  • Develop policies and procedures for responding to security incidents, to include investigating and reporting security violations and incidents
  • Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system
  • Ensure that data ownership and responsibilities are established for each authorization boundary, to include accountability, access rights, and special handling requirements
  • Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting local cyber security training.
  • Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed
  • Assess changes in the system, its environment, and operational needs that could affect the authorization
  • Ensure that authorization is accomplished a valid Authorization determination has been given for all authorization boundaries under your purview
  • Review AIS assessment plans
  • Coordinate with PSO or cognizant security official on approval of external information systems (e.g., guest systems, interconnected system with another organization)
  • Conduct periodic assessments of the security posture of the authorization boundaries
  • Ensure configuration management (CM) for security-relevant changes to software, hardware, and firmware and that they are properly documented
  • Ensure periodic testing is conducted to evaluate the security posture of IS by employing various intrusion/attack detection and monitoring tools (shared responsibility with ISSOs)
  • Ensure that system recovery and reconstitution processes developed and monitored to ensure that the authorization boundary can be recovered based on its availability level determination
  • Ensure all authorization documentation is current and accessible to properly authorized individuals
  • Ensure that system security requirements are addressed during all phases of the system life cycle
  • Develop Assured File Transfers (AFT) on accordance with the JSIG
  • Participate in self-inspections
  • Conduct the duties of the Information System Security Officer (ISSO) if one is not present and/or available.

Education and Experience:
  • Bachelor's degree
  • 5-7 years related experience; Prior performance in roles such as ISSO or ISSM;

Desired:
  • SAP Experience;

Training:
  • DoD 8570.01-M IAM Level I (in lieu of IAT Level II)
  • Combatting Trafficking in Persons (CTIP)

Security Clearance:
  • Active TS/SCI and the willingness to sit for a polygraph, if needed

IC-CAP provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status.

Apply