Information Systems Security Manager (ISSM)

Ready to make connectivity from space universally accessible, secure and actionable? Then you've come to the right place!

E-Space is bridging Earth and space to enable hyper-scaled deployments of Internet of Things (IoT) solutions and services. We are building a highly-advanced low Earth orbit (LEO) space system that will fundamentally change the design, economics, manufacturing and service delivery associated with traditional satellite and terrestrial IoT systems.

We're intentional, we're unapologetically curious and we're 100% committed to innovate space-based communications and deliver actionable intelligence that will expand global economies, protect space and our planet and enhance our overall quality of life.

THE ROLE:

The Information Systems Security Manager (ISSM) serves as the primary authority responsible for the cybersecurity posture and compliance of all classified information systems operating within a Top Secret possessing facility under a Department of Defense (DoD) Facility Clearance (FCL). This role is pivotal in ensuring the organization meets all requirements set forth by the National Industrial Security Program Operating Manual (NISPOM), the Defense Counterintelligence and Security Agency (DCSA), and applicable Intelligence Community Directives (ICDs).

The ISSM will serve as the authoritative point of contact to the Cognizant Security Authority (CSA) and Government Contracting Activity (GCA) for all matters relating to the authorization, operation, and continuous monitoring of classified information systems, including Sensitive Compartmented Information (SCI) systems where applicable

What You'll Do:

System Authorization & Accreditation (A&A / RMF)

Lead the Assessment and Authorization (A&A) process for all classified IS under the Risk Management Framework (RMF) in accordance with NIST SP 800-37 and DAAPM.

Prepare, maintain, and submit System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), and Authorization to Operate (ATO) packages.

Serve as the primary liaison with DCSA and Government customer representatives during system assessments, inspections, and audits.

Maintain and manage the System Security Authorization Agreement (SSAA) or equivalent documentation for all IS operating at the TS level or above.

Compliance & Policy Management

Ensure all classified information systems comply with 32 CFR Part 117 (NISPOM), applicable DoD and IC cybersecurity policies, Contract Data Requirements List (CDRLs), and Statement of Work (SOW) security requirements.

Develop, implement, and maintain facility-level Information Systems Security policies, procedures, and Standard Operating Procedures (SOPs).

Enforce configuration management (CM) controls and ensure all hardware/software changes to classified IS are reviewed and approved prior to implementation.

Conduct periodic self-inspections of classified IS programs and remediate findings in coordination with the FSO and program leadership.

Continuous Monitoring & Incident Response

Implement and manage a Continuous Monitoring (ConMon) program for all authorized classified information systems.

Monitor audit logs, SIEM alerts, and vulnerability scan results; investigate anomalies and potential insider threats.

Serve as the Facility Incident Response Manager for classified information system security incidents; coordinate reporting to DCSA and GCAs within required timeframes.

Conduct or oversee technical vulnerability assessments and penetration testing as required by the CSA or contract requirements.

Personnel Security & Training

Oversee ISSM-delegated Information System Security Officer (ISSO) personnel; provide mentorship, task delegation, and performance oversight.

Develop and deliver annual IS security awareness training and role-based training for users of classified information systems.

Maintain personnel access records and access control lists (ACLs) for all classified IS; ensure need-to-know verification prior to system access grants.

Coordinate with the FSO to ensure the integration of personnel security and information security requirements.

Physical & Technical Security Integration

Coordinate with facilities and physical security teams to ensure IS are housed in appropriately accredited spaces (SCIFs, Closed Areas, SAPs) in accordance with ICD 705 and DCSA physical security standards.

Manage and enforce media protection, sanitization, and destruction procedures for classified storage media in accordance with NSA/CSS EPL requirements.

Oversee PKI, multi-factor authentication (MFA), and privileged access management (PAM) implementations across classified networks

What You Bring:

Active Top Secret (TS) security clearance; SCI eligibility required or must be obtainable within 6 months of hire.

Minimum of 10 years of progressive experience in information systems security within a DoD or Intelligence Community classified environment with 5 or more year's direct experience as an ISSM, ISSP, Security Control Assessor (SCA), or equivalent position

Demonstrated ISSM or ISSO experience supporting DCSA-adjudicated classified IS programs under NISPOM/DAAPM.

A minimum of 3 years of direct working knowledge of the NIST RMF process (NIST SP 800-37, 800-53, 800-171) and DoD Assessment Methodology (DAAPM).

Experience preparing and managing ATOs, SSPs, SAPs, and POA&Ms for TS and SCI-level information systems.

Proficiency with eMASS (Enterprise Mission Assurance Support Service) or equivalent GRC tool.

Working knowledge of SIEM platforms, vulnerability scanners (e.g., ACAS/Nessus), and HBSS/endpoint security tools.

IAM Level II or III certification required per DoD 8570.01-M / DoD 8140 (e.g., CISSP, CISM, GSLC, or equivalent).

Master's degree or Bachelor's degree with equivalent work experience and certifications in Cybersecurity, Information Technology, Computer Science, or a related technical discipline, OR equivalent verifiable experience.

Bonus Points for the Following:

Current TS/SCI access with polygraph (CI or Full Scope).

Experience supporting Special Access Programs (SAPs) or Sensitive Compartmented Information Facilities (SCIFs).

Familiarity with Cross Domain Solutions (CDS), data transfer processes, and CDSE/NSA approval workflows.

Experience with LINUX and Windows hardened STIG baseline implementation and validation.

Knowledge of ICD 503, ICS 500-27, and CNSSI 1253 security control overlays.

Prior DCSA inspection experience (NISP, SAP, or SCI programs).

Additional certifications such as CASP+, CCSP, Security+, or CEH are a plus.

Direct experience managing the system lifecycle of connected classified systems including SecretDefense Research and Engineering Network (SDREN), Secret Internet Protocol Router Network (SIPRNET), Non-classified Internet Protocol Router Network (NIPRNET, and Joint Worldwide Intelligence Communications System (JWICS) systems .

Why E-Space is right for you:

As a member of our team, you will play a crucial role in driving our success. Our team members have a strong sense of dedication and responsibility; this includes a strong commitment to our mission to create an entirely new suite of global capabilities to improve lives, business efficiencies and build a smarter planet. This means that there will be times when extra hours, including nights and weekends, may be needed to meet critical deadlines and mission goals. In return, we offer a dynamic work environment with opportunities for professional growth and development and the chance to make a meaningful impact in a high-growth industry.

We want you to make the most of your journey at E-Space. That's why we support and invest in the physical, emotional and financial well-being of our team members and their families. Some of what you can expect when working at E-Space:

An opportunity to really make a difference

Sustainability at our core

Fair and honest workplace

Innovative thinking is encouraged

Competitive salaries

Continuous learning and development

Health and wellness care options

Financial solutions for the future

Optional legal services (US only)

Paid holidays

Paid time off

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.