Kratos Space Training & Cyber

Information System Security Manager

Kratos Space Training & Cyber, Orlando, Florida, US, 32885

Ready for What's Next?

Kratos is a leader in assured aerospace communication solutions and services. We are cutting-edge innovators and creative problem solvers working collaboratively to solve our customers' toughest challenges. Our culture is fast-paced and innovative. We are a trusted partner, driven by doing the right thing and achieving maximum success for our customers, our partners and ourselves.

Kratos is looking for an ISSM to lead and support other cybersecurity professionals in the execution of information assurance programs and to support other IT teams in implementing security measures. This is accomplished in compliance with CMMC and Risk Management Framework policies and procedures such as System Security Plans, Risk Assessment Reports, Plans of Actions and Milestones, Assessment & Authorization packages, and Security Control Traceability Matrices. The ISSM will maintain an operational security posture and ensure security policies, standards, and procedures are established and followed. The ISSM will perform vulnerability and risk assessment analyses to support Assessment & Authorization and will provide configuration management for security software, hardware, and firmware.

While the primary location for this role is the Kratos Orlando office, candidates should be prepared to support future classified projects at other company locations as needed. These assignments will be based on project requirements and may involve collaboration with cross-functional teams across multiple sites. The candidate must be comfortable coordinating with and receiving support from remote personnel, including cybersecurity specialists, system administrators, and compliance experts. The Orlando office is a dynamic and expanding hub, routinely taking on new and evolving projects that demand expertise in CMMC, NIST SP 800-171, and NIST SP 800-53 standards. This environment offers multiple opportunities for professional growth, exposure to cutting‑edge cybersecurity initiatives, and the chance to contribute meaningfully to national security efforts.

This position is based on multiple DoD Directives, including DoD 5205.07 volumes 1-4; DoDD 5205.02E; DoDI 5025.01, 5205.11, 5200.39, 5220.22, DoDM 3305.13; DoD 8140 series; NIST 800 series special publications; Executive Orders 13556 and 13636, and DISA Security Technical Implementation Guides.

Applicants selected could be subject to a government security investigation and must meet eligibility requirements for access to classified information. U.S. citizenship is required. Travel to customer sites and other program locations will be required.

Primary Responsibilities

Cybersecurity Program Management

Develop, implement, and maintain a comprehensive cybersecurity program in coordination with government clients.

Create and manage security policies, procedures, and documentation aligned with applicable directives and publications.

Maintain current knowledge of system functions, technical safeguards, and operational security measures.

Security Authorization & Compliance

Collaborate with government sponsors and ISSMs to conduct security authorization reviews and develop assurance cases for new systems and networks.

Ensure compliance with security policies and enforce system requirements, including data ownership responsibilities.

Review system changes and assess their impact on overall security posture.

Monitoring, Auditing & Risk Management

Develop and execute a continuous monitoring plan to ensure ongoing system integrity.

Conduct security self‑inspections, audits, and periodic testing to evaluate vulnerabilities and compliance.

Analyze audit logs and reports, elevate anomalies, and recommend corrective actions.

Document and report unresolved or serious security violations to appropriate authorities.

Incident Response & Recovery

Lead execution of the cyber incident response plan during security events.

Coordinate with stakeholders to manage incidents and maintain vulnerability compliance.

Oversee system backup and recovery processes to ensure restoration of security features.

Provide guidance on secure data purging and release procedures.

Training, Access Control & Personnel Oversight

ISSOs are formally appointed, trained, and assigned duties appropriate to their expertise.

Develop and implement a security education, training, and awareness program for all users.

Verify user access requirements, including clearance, authorization and need‑to‑know, prior to granting system access.

Assume ISSO responsibilities when no ISSO is assigned to a system.

Keyword: cyber, cybersecurity, RMF, zero trust, CMMC, NIST, 800-171, Information System Security Manager

Required Experience

5-7 years of hands‑on cybersecurity experience

Minimum 3 years serving as an ISSM or in a supervisory cybersecurity role

Proven background working within DoD or Federal Government information system environments

Demonstrated expertise in CMMC compliance and implementation

In‑depth knowledge of the DISA Risk Management Framework (RMF)

Current CISSP, CISM, or equivalent industry‑recognized certification

Proficiency with eMASS, XACTA, or similar government‑authorized cybersecurity platforms

Strong command of performance metrics, with a track record of optimizing operational efficiency

Ability to stay ahead of industry trends, emerging technologies, and regulatory shifts

Proven success in risk management, including vulnerability identification and mitigation

Exceptional communication skills, both written and verbal, across technical and non‑technical audiences

Confident in briefing senior leadership and external stakeholders

To work at this facility, you must be a US person

Preferred Skills and Experience

Experience in Business Continuity and Disaster Recovery (BC/DR) planning and execution

Familiarity with tools like ACAS, Graylog, Nessus, Splunk, or similar platforms

Working knowledge of the Zero Trust security framework, especially in DoD applications

Background supporting complex training simulation systems and mission‑critical infrastructure

Proficiency in Linux system administration

Hands‑on experience with Agile methodologies and tools such as Jira and Confluence

Practical knowledge of AWS, including FedRAMP compliance and cloud security best practices

Active Secret (or higher) Security Clearance

Kratos is valued for our ability to design and deliver leading edge, resilient solutions for aerospace communication, control, awareness and mission success across a continuum of offerings, from commercial to tailored custom solutions and integrated programs. Customers trust us to stay relevant and know we are in it for the long haul. We bring both the capability and confidence that our customers value and depend on. And, we always deliver.

This posting will close within 90 days from the Posting Date.

From: Kratos Defense
