Information System Security Manager (ISSM)

Information System Security Manager (ISSM)Job Category: SecurityTime Type: Full timeMinimum Clearance Required to Start: SecretEmployee Type: RegularPercentage of Travel Required: NoneType of Travel: None* * *

The Opportunity:

The Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program is seeking an Information System Security Manager (ISSM) to support the United States Coast Guard (USCG) in overseeing the secure design, implementation, and sustainment of Cloud enterprise environments. This position will be responsible for ensuring compliance with cybersecurity policies, supporting Authorization to Operate (ATO) efforts, and serving as the principal security advisor on all matters involving the protection of information systems.

This is a full-time, remote position. Candidates must reside within the United States. Meetings will be conducted virtually, with or without video conferencing.

Responsibilities:

• Serve as the primary cybersecurity authority for USCG Cloud systems, overseeing system security plans, risk assessments, vulnerability management, and compliance with DoD cybersecurity frameworks.
• Lead the development, review, and approval of security documentation including the System Security Plan (SSP), Plan of Action and Milestones (POA&M), Configuration Management Plan (CMP), Contingency Plans, and Incident Response Plans.
• Implement and enforce security policies and procedures in accordance with federal regulations including NIST SP 800-53, NIST 800-171, FISMA, FedRAMP, and DoD Cloud Computing SRG.
• Coordinate with the USCG Authorizing Official (AO), ISSOs, and engineering teams to ensure secure design and continuous monitoring of Microsoft Azure and hybrid environments.
• Support the full Security Engineering Lifecycle (SELC), including security architecture reviews, risk analysis, and mitigation recommendations.
• Validate compliance with applicable STIGs, SCAP benchmarks, and DoD Secure Cloud Computing Architecture (SCCA) functional requirements.
• Monitor and report on security controls, configuration changes, and incident trends using Microsoft Sentinel, Azure Monitor, and Azure Log Analytics.
• Provide SME-level guidance on the use of MECM, Intune, CMG, Azure AD, Microsoft Defender, Azure Firewall, and related technologies to maintain a compliant security posture.
• Collaborate with engineering teams to automate compliance activities through PowerShell, GIT, and Azure Automation.
• Lead security control assessments and coordinate annual security reviews and system re-authorizations as required.
• Train and mentor junior cybersecurity personnel, promoting best practices in cyber hygiene and secure cloud operations.

Qualifications:

• Active Secret Clearance
• DoD 8570 IAT Level II Certification (e.g., Security+ CE)
• Favorable adjudicated Tier 1 background investigation (SF-85)
• 7+ years of information systems security experience in a DoD or federal environment
• In-depth knowledge of NIST RMF, STIGs, and DoD cybersecurity policy frameworks
• Direct experience supporting ATO packages, POA&M remediation, and control implementation
• 5+ years of hands-on experience with vulnerability management, patching, and secure configuration enforcement
• Strong communication skills for interfacing with USCG stakeholders, engineers, and federal leadership

Desired:

• Bachelor’s or advanced degree in Cybersecurity, Computer Science, Information Assurance, or a related technical field
• Certified Information Systems Security Professional (CISSP) or equivalent DoD 8570 IAM Level III certification (e.g., CISM, GSLC)
• Microsoft Azure-related certifications such as AZ-500, SC-100, or SC-900
• Experience managing RMF (Risk Management Framework) compliance activities and preparing system documentation for ATOs
• Knowledge and hands-on experience with Secure Cloud Computing Architecture (SCCA) components and controls
• Familiarity with FedRAMP, FISMA, NIST SP 800-53, and DoD Cloud Computing SRG
• Experience conducting Security Control Assessments (SCAs) and supporting Independent Verification & Validation (IV&V) processes
• Working knowledge of vulnerability scanning tools (e.g., Tenable.sc, Nessus, Qualys) and interpreting scan results for POA&M updates
• Previous experience with USCG, DHS, or other federal security compliance programs

________________________________________________________________________________________

What You Can Expect:

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

An environment of trust.

CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

Your potential is limitless. So is ours.

Learn more about CACI here.

________________________________________________________________________________________

Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here .

Since this position can be worked in more than one location, the range shown is the national average for the position.

The proposed salary range for this position is:

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

CACI provides information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is a member of the Fortune 1000 Largest Companies, the Russell 2000 ...