Information System Security Manager - CMMC Level 2

Summary

Join BETSOL as an Information System Security Manager (ISSM) to oversee and maintain the security posture of our information systems within our Microsoft Azure Government tenant. Develop, implement, and enforce security policies, standards, and procedures to protect our Controlled Unclassified Information (CUI). This role requires a strong understanding of NIST SP 800-171, CMMC Level 2 framework, and Azure Gov security capabilities. You will collaborate with IT owners and security teams to manage system access controls, integrate security requirements into development processes, apply security patches, perform system auditing, and maintain security documentation. Maintain a strong understanding of evolving cybersecurity threats and vulnerabilities. This position offers a chance to play a key role in transforming contact center operations through cloud technology.

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience will be considered
• Minimum of 3-5 years of experience in information security, with a focus on system security management
• Demonstrated understanding of NIST SP 800-171 and the CMMC framework (specifically Level 2 requirements)
• Experience developing and maintaining System Security Plans (SSPs)
• Strong understanding of cloud security principles and practices, specifically within Microsoft Azure Gov
• Strong written and verbal communication skills, with the ability to communicate technical information to both technical and non-technical audiences
• U.S. Citizenship and residency required due to government contract requirements and the nature of Azure Gov

Responsibilities

• Develop, implement, and maintain System Security Plan (SSP), Security Posture-related Plan of Action and Milestones (POA&Ms) and other security-related documentation in accordance with CMMC Level 2 requirements and NIST SP 800-171, specifically addressing the Azure Gov environment
• Collaborate with IT owners to manage and monitor system access controls within Azure Gov, including user account management, permissions, and authentication methods (e.g., Azure Active Directory/Entra ID)
• Collaborate with IT owners and IT Security teams to integrate security requirements into system development and operational processes within the Azure Gov-based CMMC environment
• Collaborate with IT owners to ensure the timely application of security patches and updates to all systems and applications to ensure ongoing compliance with CMMC Level 2 requirements within the Azure Gov environment
• Collaborate with IT owners and IT Security teams to perform system auditing and security monitoring of Azure-based infrastructure and support investigations on information assurance-related security violations/incidents
• Collaborate with IT owners to maintain records and documentation related to security configurations, policies, and procedures within Azure Gov
• Maintain a strong understanding of evolving cybersecurity threats and vulnerabilities, and adapt security measures accordingly, with a focus on the Azure Gov ecosystem

Preferred Qualifications

• Relevant security certifications such as Security+, CISSP, CISM, or equivalent
• Microsoft Azure certifications, particularly those related to security (e.g., Azure Security Engineer)
• Experience with security auditing and compliance frameworks
• Strong knowledge of industry security policies, regulations, and guidelines

Benefits

• Comprehensive health insurance
• Competitive salaries
• 401K
• Volunteer programs
• Scholarship opportunities
• Fitness center
• Cafe
• Recreational facilities