Information System Security Manager – ISSM
Applied Research Solutions
full-time
Posted on:
Location Type: Remote
Location: Remote • Ohio • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AzureCloudCyber Security
About the role
- Assist in the development and security hardening of a DevSecOps cloud environment
- Oversee the full lifecycle of Assessment and Authorization (A&A) activities
- Maintain continuous Authority to Operate (ATO) compliance
- Ensure accuracy, completeness, and integrity of all security artifacts within eMASS
- Develop, implement, and enforce cybersecurity policies
- Monitor control inheritance and system boundary changes
- Conduct risk assessments and guide the engineering team
Requirements
- Must be a US citizen
- Bachelor’s degree in cybersecurity, computer science, engineering, or related field (or equivalent experience)
- 5+ years of cybersecurity engineering experience, preferably supporting DoD, federal, or regulated environments
- Hands-on experience with Azure security tools, including Microsoft Defender suite, Sentinel, Purview, and Azure Policy
- Strong knowledge of DevSecOps practices, CI/CD pipelines, and integrating security automation into development workflows
- Deep understanding of DoD RMF, NIST SP 800-53 Rev. 5 controls, and security assessment/evidence requirements
- Experience implementing CMMC 2.0 or NIST SP 800-171 controls, including documentation, continuous monitoring, and audit readiness
- Proficiency in vulnerability management tools, remediation processes, and risk-based prioritization
- Familiarity with threat intelligence platforms, adversary TTP analysis, and building threat-informed security detections
Benefits
- Competitive salary
- Flexible working hours
- Professional development opportunities
- Awards and recognition programs
- Personalized attention from ARS Senior Managers
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity engineeringDevSecOpsCI/CD pipelinessecurity automationvulnerability managementrisk assessmentssecurity policiesCMMC 2.0NIST SP 800-53 Rev. 5NIST SP 800-171