Full-Time Information System Security Manager (ISSM)

BETSOL is seeking a highly motivated and experienced Information System Security Manager (ISSM) to oversee and maintain the security posture of our information systems within our Microsoft Azure Government tenant, in accordance with the Cybersecurity Maturity Model Certification (CMMC) Level 2 requirements.

The ISSM will be responsible for developing, implementing, and enforcing security policies, standards, and procedures to protect the confidentiality, integrity, and availability of our Controlled Unclassified Information (CUI) within the Azure Gov environment.

This role requires a strong understanding of NIST SP 800-171, CMMC Level 2 framework, Azure Gov security capabilities, and best practices in information security.

The ideal candidate will be a proactive problem-solver with excellent communication and organizational skills, capable of working independently and collaboratively within a dynamic environment.

Responsibilities:

1. Develop, implement, and maintain System Security Plan (SSP), Security Posture-related Plan of Action and Milestones (POA&Ms) and other security-related documentation in accordance with CMMC Level 2 requirements and NIST SP 800-171, specifically addressing the Azure Gov environment.
2. Collaborate with IT owners to manage and monitor system access controls within Azure Gov, including user account management, permissions, and authentication methods (e.g., Azure Active Directory/Entra ID).
3. Collaborate with IT owners and IT Security teams to integrate security requirements into system development and operational processes within the Azure Gov-based CMMC environment.
4. Collaborate with IT owners to ensure the timely application of security patches and updates to all systems and applications to ensure ongoing compliance with CMMC Level 2 requirements within the Azure Gov environment
5. Collaborate with IT owners and IT Security teams to perform system auditing and security monitoring of Azure-based infrastructure and support investigations on information assurance-related security violations/incidents.
6. Collaborate with IT owners to maintain records and documentation related to security configurations, policies, and procedures within Azure Gov.
7. Maintain a strong understanding of evolving cybersecurity threats and vulnerabilities, and adapt security measures accordingly, with a focus on the Azure Gov ecosystem.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience will be considered.
• Minimum of 3-5 years of experience in information security, with a focus on system security management.
• Demonstrated understanding of NIST SP 800-171 and the CMMC framework (specifically Level 2 requirements).
• Experience developing and maintaining System Security Plans (SSPs).
• Strong understanding of cloud security principles and practices, specifically within Microsoft Azure Gov.
• Strong written and verbal communication skills, with the ability to communicate technical information to both technical and non-technical audiences.
• U.S. Citizenship and residency required due to government contract requirements and the nature of Azure Gov.

Preferred Qualifications:

• Relevant security certifications such as Security+, CISSP, CISM, or equivalent.
• Microsoft Azure certifications, particularly those related to security (e.g., Azure Security Engineer).
• Experience with security auditing and compliance frameworks.
• Strong knowledge of industry security policies, regulations, and guidelines

What is the last date for applying to the job?

Which countries are accepted for this remote job?