Information Systems Security Mangager (ISSM)

Overview

Manage cybersecurity assessments, authorizations, risk, and compliance for DoD systems

Key Responsibilities

• security docs
• risk assessment
• authorization mgmt
• system scanning
• design integration
• change management

Tasks

-Write implementation and design documents describing how security features are implemented -Review and advise on security aspects of contracted maintenance deliverables and proposals -Keep leadership aware of any roadblocks, issues, or concerns with system authorization status -Provide advice and assistance on all things cyber security for customer-acquired development and systems maintenance projects, driving and monitoring system authorization status of segment components, authoring and coordinating related documentation -Coordinating, executing, and managing cybersecurity assessment & authorization (A&A) related activities supporting IT hardware, software, and connectivity capabilities in support of intelligence data management and analysis requirements -Facilitate, perform, and manage actions necessary to maintain system and capability accreditation status consistent with DoDI 8510.01 (Risk Management Framework (RMF) for DoD Information Technology (IT)), including scanning, auditing, and authoring/coordinating security accreditation-related documentation -Perform requirements analysis, design, and integration for complex software applications and collaboration infrastructures -Create and maintain information system security documentation, Standard Operating Procedures (SOP), and provide guidance on active Plans of Action and Milestones (POA&M) Present system maintenance, authorization status, and potential issues to various intelligence and acquisition community audiences -Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes

Requirements

• linux
• java
• devsecops
• cissp
• ts/sci
• 9+ years

What You Bring

-Understanding of common operating systems (Windows, Linux/Unix, Cisco IOS/NX-OS) -Prior experience with cloud and container security tools (e.g. Prisma Cloud/Twistlock, StackRox, Anchore) -Software Development in Java, Python, Ruby and/or C++ knowledge -Familiarity with DevSecOps principles and Secure Software Development Lifecycle (SSDLC) -9+ years of IT/security-related experience with recent ISSM experience -9+ years' technical experience in cybersecurity or information technology -An active TS/SCI clearance is required -Linux Expertise (RedHat/RHEL or CentOS preferred) knowledge. -DoD 8570 IAT/IAM Level I/II certification -Self-motivated; able to work independently with minimal direction -Ability to troubleshoot, assess root cause, and resolve technical issues -Knowledge of client, server, data storage, and networking technologies -Innovative with strong analytical, problem-solving, organization and interpersonal skills -BS degree in information systems or related technical field -Understanding of the requirements and standards for Cloud security -Advanced degree in a technical field -Travel Requirements: 35% -Prior experience with software scanning/static code analysis (e.g. Fortify, SonarQube) -Must have experience working with Special Access Programs (SAPs) -Sec+/CASP/CISSP certification

People Also Searched For

Benefits

-Collaborative Environment: Be part of a dynamic team that thrives on collaboration and innovation, fostering a supportive and intellectually stimulating workplace.

About Kbr, Inc.

-Designs and builds complex facilities — from LNG plants and refineries to military bases and naval infrastructure. -Operates mission‑critical projects: NASA ISS payload operations, astronaut health research, JWST integration, space‑instrument R&D. -Offers full EPC and life‑cycle services: engineering, procurement, construction, logistics and proprietary tech licensing. -Supports defense and intelligence sectors with systems engineering, base‑operations, C5ISR, cyber, and mission planning. -Has completed landmark acquisitions (BE&K, Wyle, SGT, Centauri, Frazer‑Nash, LinQuest) to expand aerospace, gov‑tech and space capabilities. -Versatile footprint: tackling offshore oil‑&‑gas, chemical processing, sustainable energy and cutting‑edge digital transformation.

Sector Specialisms