Information System Security Manager

Job ID: 2510066

Location: CHANTILLY, VA, US

Date Posted: 2025-09-22

Category: Cyber

Subcategory: Cybersecurity Spec

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: TS/SCI with Poly

Clearance Level Must Be Able to Obtain: None

Potential for Remote Work: No

Description

SAIC is seeking an Information System Security Manager (ISSM) to provide information security support. This position is in Chantilly, VA and requires an active TS/SCI clearance with Polygraph.

This Customer's office is the force of choice for the development of global infrastructure and delivery of solutions that drive influence operations. If you have specialized skills in information security and tech ops, this is the role for you.

Job responsibilities include, but are not limited to:

Job responsibilities include, but are not limited to:

• Support Lifecycle Assessment and Authorization (A&A) process
• Develop a Systems Security Plan (SSP).
• Assist and maintain a formal Information Security Program that includes recommendations on continuous improvement of the processes and architectures.
• Maintain and make accessible documentation of all operational and business process activities in the form of Standard Operating Procedures (SOPs).
• Maintaining a formal Information Security Program with their stakeholders.
• Monitor and track projects in the A&A queue.
• Analyze SSPs to develop an understanding of the customer's systems and applications.
• Coordinate A&A actions and system testing with appropriate security personnel.
• Develop risk assessment, recommend mitigating countermeasures, and write short, succinct risk assessment, and certification reports for submission to the Chief Information Officer (CIO).
• Act as an A&A project register.
• Manage the A&A registration process.
• Monitor and track projects in the A&A queue.
• Maintain a document repository where A&A project documentation is stored and recorded, and register actions concerning project approvals to operate in the A&A database.
• Assemble and submit A&A packages to the Principal Accreditation Authority or Designated Accreditation Authority.
• Review and approve product requests for procurements.
• Provide security guidance in terms of policy and technical implementation of those policies.
• Produce and assist with production of technical artifacts required for A&A packages such as write documentation like System Security Plan, Audit Strategy, Configuration Management Plan, Security Controls Traceability Matrix, Project Plan of Action and Milestones.
• Monitor and address cyber risks such as malware, zero-day attacks, denial of service attacks, as well as associated mitigations regarding computer and network devices.

Qualifications

• Active TS/SCI with Polygraph.
• Bachelor's degree and 9 years or more experience; Master's degree and 12 years or more experience; PhD and 9 years or more experience.
• CISSP Certification.
• Demonstrated experience with:
  • Computer networking in Windows AND Linux.
  • Use of common online services in a persona-specific environment.
  • Website configuration, Basic software development knowledge.
  • Strategically planning efforts, identifying issues, negotiating changes, proactively anticipating needs, and analyze complex requirements with stakeholders, and allocate resources in a given timeline to achieve desired mission outcomes.
  • Eliciting information on complex technical problems from non-technical personnel for use in diagnosis, analysis, resolution of problems.
  • Making decisions and managing competing priorities, schedules, risks, stakeholder requirements and interdependencies on a variety of technical, resource, and organizational issues, even in ambiguous or high-pressure situations.
  • Effectively communicating (oral and written) to convey complex technical information for a variety of audiences (i.e., technical and non-technical).
  • Customer regulations and standards, including Information Security (INFOSEC) and Communications Security (COMSEC).
  • Managing security aspects of deployed infrastructure and technical solutions, in addition to day to day security operations.
• Desired Skills:
  • Demonstrated experience with Rapid7, WebInspect, AppDetective, CIS-CAT, and other vulnerability assessment tools and processes.
  • Information security certifications such as CISSP, CISSE, CISA, CEH, CCSP, etc.
  • Demonstrated experience with computer and network vulnerabilities (e.g., malware, zero-day attacks, denial of service attacks, etc.).