Senior Information Systems Security Manager

MetroStar
Summary
Join MetroStar as a Sr. Information Systems Security Manager and oversee the full lifecycle support and sustainment of a DoD logistics system environment, focusing on cybersecurity, configuration management, and performance assurance. Guide risk management practices aligned with RMF, STIGs, and NIST 800-53, ensuring secure integration of system changes and releases. Lead all cybersecurity functions across multiple system environments, conduct risk assessments, and manage the ATO lifecycle. Monitor system logs, respond to incidents, and enforce security policies for various platforms. Collaborate with government stakeholders and provide security guidance to engineering teams. Document security procedures and lead security readiness reviews. Track emerging threats and support strategic risk mitigation plans. This role requires a DoD Secret clearance, a Bachelor's degree or equivalent, specific certifications, and extensive experience in information assurance and cybersecurity.
Requirements
- Active DoD Secret security clearance
- Bachelor's Degree in Information Systems or Business Administration, or equivalent experience
- Hold or able to obtain DoD 8570 IAM Level III certifications (e.g., CISSP, CISM)
- Must hold a current CISSM, CASP, or CAP certification
- 7+ years of experience in information assurance, cybersecurity, or related roles, including cloud and ERP systems
- 3+ years of experience applying cybersecurity controls in DoD public cloud platforms (AWS, Azure, Google Cloud)
- Demonstrated experience with RMF, NIST 800-53, and DoD IA/cybersecurity principles and frameworks
- Strong understanding of incident response, threat analysis, vulnerability management, and system security engineering
- Familiarity with DoD ATO processes and security authorization packages
- Strong leadership, collaboration, communication, and analytical skills
- Ability to operate independently and drive security initiatives across teams
Responsibilities
- Oversee and lead all cybersecurity functions across multiple system environments
- Conduct risk assessments and ensure systems adhere to DoD cybersecurity policies and NIST 800-53 controls
- Manage the ATO lifecycle, including development of security plans, POA&Ms, and risk assessments
- Monitor system logs, perform vulnerability scans, and respond to incidents in collaboration with the SOC
- Coordinate and enforce security policies for Oracle EBS and cloud platforms (OCI, AWS, Azure)
- Provide security guidance to engineering teams during system changes, patching, and release cycles
- Collaborate with Government ISSMs, system owners, and IA stakeholders to maintain authorization
- Document security procedures, audit artifacts, and system configurations for inspections and reviews
- Lead security readiness reviews for quarterly releases and Agile sprint cycles
- Track emerging threats, evaluate security technologies, and support strategic risk mitigation plans
Benefits
- Health, dental, and vision insurance
- 401(k) retirement plan with company match
- Paid time off (PTO) and holidays
- Parental Leave and dependent care
- Flexible work arrangements
- Professional development opportunities
- Employee assistance and wellness programs
- This role may also be eligible for bonuses and/or additional incentives based on individual and company performance
