Cybersecurity Information System Security Manager

Job ID: 2612983
Location: Remote Work, VA, United States
Date Posted: May 27, 2026
Category: Cyber
Subcategory: Cyber GRC
Schedule: Casual (includes On-Call and Temporary)
Shift: Day Job
Travel: No
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: Remote
Benefits: Click here

Description

SAIC is seeking a hands-on Cybersecurity Information System Security Manager (ISSM) to support a part-time program within the Department of War (DoW). This position focuses on leveraging Risk Management Framework (RMF), Continuous Monitoring (ConMon), and cybersecurity best practices to ensure the security posture of the system and operations. The successful candidate will collaborate with cross-functional teams, execute vulnerability management, and provide guidance on security compliance using tools and methodologies aligned with contract requirements.

This is a remote / work from home position, approximately 10 hours per week.

Duties and Responsibilities:

• Compliance Management: Ensure systems and processes comply with DoW Information Assurance (IA) regulations, RMF, NIST 800-53, and other applicable policies.
• Maintain and manage the Authorization to Operate (ATO) lifecycle, including ConMon of networks and systems.
• Conduct vulnerability assessments (e.g., with ACAS, STIGs) and execute remediation plans.
• Review security alerts to detect and assess potential anomalies.
• Conduct ConMon tasks, including Configuration Control Board (CCB) impact reviews, patching recommendations, and ATO delta documentation.
• Support vulnerability scanning efforts by reviewing scan reports, tracking mitigations, and documenting residual risks.
• Assist in maintaining RMF documentation—such as System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and archiving security artifacts in Enterprise Mission Assurance Support Service (eMASS).
• Review and assess access logs and user activity reports to identify and report potential inconsistencies or anomalies.
• Use Jira for tracking cybersecurity and engineering activities facilitating ConMon of security measures.
• Manage cybersecurity incidents, including detection, response, documentation, and post-incident analysis.
• Report security breaches and other incidents to senior cyber authorities per DoW instructions.
• Support the creation and dissemination of program-wide security awareness initiatives.
• Serve as a bridge between Information System Security Officer (ISSO) and engineers.

Qualifications

Required Education and Experience:

• Bachelor’s degree in related discipline and ten (10) years or more experience. Four (4) additional years of related experience will be considered in lieu of a bachelor’s degree.
• Experience performing security monitoring, risk assessments, and compliance checks.
• Demonstrated experience in vulnerability management, including analyzing scan results and overseeing remediations.
• Hands-on experience maintaining RMF packages and security documentation within tools like eMASS.
• Familiarity with incident response coordination and audit log review processes.
• Experience collaborating with CCBs and providing risk assessments related to system changes.
• Experience working closely with ISSO and Systems Integration teams.

MUST have Certification Requirement:

• Certified Information Systems Security Professional (CISSP) preferred. Certified Authorization Professional (CAP) and GIAC Security Leadership Certification (GSLC) are acceptable.
• Must be CompTIA Security+ certified

Clearance Requirement:

• Active Secret Clearance

Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

Apply Now >