Information System Security Manager (ISSM) / Program Manager (15.28)

ZipRecruiter, Colorado Springs, Colorado, United States, 80509

OCT Consulting is a business management and technology consulting firm supporting Federal Government clients in areas such as Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.

Responsibilities and Duties

OCT has an opening for an Information System Security Manager (ISSM) / Program Manager to work with our federal client. This hybrid role requires availability within the USAF Academy, CO 80840 area, for on-site meetings during core hours within 1 hour. This position is contingent upon contract award.

Day-to-day responsibilities include:

- Serving as the senior cybersecurity lead responsible for developing, implementing, and overseeing the organization’s cybersecurity program, including architecture, policy, objectives, procedures, and workforce development in accordance with AFI 17-101, AFI 17-130, and DoDI 8510.01.
- Providing strategic direction and leadership to the RMF team (ISSO, ISSE, SCAR, A&A Assessor), ensuring compliance with DoD 8140.03 workforce role separation and USAFA cybersecurity standards.
- Acting as the primary point of contact with the Government, COR, and Authorizing Officials, managing communication, deliverables, schedules, risks, and contract compliance.
- Leading the creation and ongoing refinement of the System Security Plan (SSP), including tailoring and implementation of controls from NIST SP 800-53 Rev. 5 and baselines defined in FIPS 200.
- Overseeing the selection, documentation, and management of security control implementation, ensuring each control includes a functional description of inputs, behavior, and outputs as reflected in the SSP.
- Supporting development of all RMF artifacts including POA&Ms, Security Assessment Reports (SARs), Risk Acceptance Packages, and continuous monitoring artifacts.
- Managing the complete Authorization to Operate (ATO) package lifecycle, including development of the POA&M tracker, Risk Acceptance Recommendation Report, residual risk statement, and briefing materials for AO presentation and decision-making.
- Coordinating incident response escalation and network access control oversight, including review and documentation of account provisioning processes and procedures in alignment with the IR Plan.
- Providing RMF-related planning and execution guidance at organizational, mission, business process, and system levels to ensure risk-informed governance and control applicability.
- Monitoring compliance with USAFA policies, DoD instructions, and federal cybersecurity mandates, while identifying opportunities for control optimization and continuous improvement across systems and programs.

Requirements

Qualifications include:

- Must be a U.S. citizen.
- Required certifications: CISSP/CISSO and PMP.
- Bachelor’s degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET-accredited or CAE-designated institution.
- Minimum five years of experience in Information System Security Management; additional experience in the USAF environment is preferred.
- Familiarity with NIST SP 800-37 Rev. 2, SP 800-53 Rev. 5, FIPS 199/200, FedRAMP, AFI 17-101, DoDI 8510.01, and eMASS workflows.
- Active Tier 3 security clearance.

Benefits

OCT offers competitive compensation and benefits including:

- Medical, Dental, and Vision insurance
- Retirement 401K plan with 3% employer contributions
- Paid Time Off and Federal Holidays
- Life Insurance, Short- and Long-Term Disability Benefits
- Training Benefits

Salary Range: $50,000 - $250,000 annually, based on experience and education.

About OCT Consulting

Founded in 2013, OCT Consulting LLC is a minority-owned, Small Disadvantaged Business (SDB) providing professional services and IT solutions to federal and commercial clients. We are committed to equal opportunity employment and fostering a diverse, inclusive workplace where all contributions are valued.
