Serve as the designated ISSM for the system.
Independently lead all cybersecurity and RMF activities required to achieve and maintain system authorization.
Take ownership of an ongoing reauthorization effort and drive documentation, coordination, and execution to completion.
Develop, update, and manage RMF artifacts including the System Security Plan, POA&Ms, security assessment documentation, and continuous monitoring materials.
Work directly with the system administrator, development team, and government stakeholders to close gaps and meet required milestones.
Support a production system that must remain operational while authorization activities are underway, ensuring continuity of service and risk awareness.
Oversee security controls during steady-state operations, quarterly system updates, and as-needed enhancements.
Ensure cybersecurity considerations are integrated into system updates and limited CAD-related functionality.
Identify, assess, and manage risks proactively, tracking remediation activities through POA&M closure.
Act as the primary cybersecurity point of contact for leadership, the system administrator, developers, and supporting technical teams.
Engage directly with business users, technical staff, and senior leaders to translate cybersecurity requirements into clear, actionable guidance.
Coordinate closely with the government lead and system administrator to drive progress, resolve issues, and maintain transparency.
Operate effectively in a fully remote environment, collaborating through Microsoft Teams and other virtual tools.

Requirements

Active Secret security clearance
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience.
7+ years of experience in DoW cybersecurity or information assurance roles.
3+ years’ experience serving as an ISSM or leading RMF and ATO efforts for an operational DoW system.
At least one DoW IAT or IAM Level III certification such as CISSP, CISM, CASP+, GSLC, or equivalent.
Strong working knowledge of DoW RMF processes and NIST SP 800-53 security controls.
Experience supporting systems through operations and sustainment while managing ATO requirements.
Ability to work independently and fully remote and lead efforts and collaborate effectively with distributed teams.
Proven ability to operate independently and proactively, with minimal oversight.
Strong ownership mindset with the ability to drive work forward in the absence of existing structure.
Demonstrated success meeting tight timelines and recovering behind-schedule cybersecurity efforts.
Ability to work directly across multiple stakeholders, including business users, technical teams, and senior government leaders.
Excellent written and verbal communication skills, particularly for explaining cybersecurity requirements to non-technical audiences.
Strong organizational skills and attention to detail in documentation and compliance efforts.

Benefits

Health, dental, and vision insurance
401(k) retirement plan with company match
Paid time off (PTO) and holidays
Parental Leave and dependent care
Flexible work arrangements
Professional development opportunities
Employee assistance and wellness programs

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

cybersecurityRMFSystem Security PlanPOA&Msecurity assessment documentationcontinuous monitoringsecurity controlsNIST SP 800-53ATO requirementsinformation assurance

Soft skills

independent workcollaborationownership mindsetproactive managementcommunicationorganizational skillsattention to detailstakeholder engagementproblem resolutiontime management

Certifications

CISSPCISMCASP+GSLCDoW IAT Level IIIDoW IAM Level III