Overview --------
Information Systems Security Manager (ISSM)Location: Hurlburt Field, FL, JBSA, TX, and Keesler AFB, MSJob Status: Full time Clearance: Top Secret
Astrion has an exciting opportunity coming up for an ISSM to join our team and support the 39th Information Operations Squadron (39 IOS). We are preparing to hire for Journeyman, Senior, and SME levels. We anticipate a start date in March/April 2026. Cyber Operations Formal Training Support III (CyOFTS III) is a Cyber Schoolhouse program supporting delivery, development, and sustainment of cyber training across operationally relevant mission sets. The team supports instruction, curriculum and content development, training operations, and program execution at multiple Air Force and joint training locations.
Required Qualifications / Skills -----------------------------
• Active Top Secret clearance • IAT/M Level III certification • Education and Experience will depend on the labor category level • Previous Information System Security experience is required
Responsibilities ----------------
Perform Information Systems Security Manager duties consistent with the labor category and required RMF experience. Support Risk Management Framework (RMF) activities consistent with the required experience timeframe. Support functions aligned to DCWF work roles (Information Systems Security Manager; Security Control Assessor; Cyber Defense Incident Responder) as applicable.
Key Responsibilities -------------------
• Direct, oversee, and manage and perform records management for all Account Forms, including: • Authorized User Agreements and associated user forms for all networks required for duty at the 39 IOS • System Authorization Access Requests • Privileged User Agreements • 8570/8140 validation • Operating System Certification validation • Associated user forms • Manage and update MICT checklists for assigned programs, including: • Privileged User • 17-1301 COMPUSEC • 17-101 RMF • Verify Cybersecurity Awareness training for all students and maintain appointment letters for Program Managers, ISSO, ISSM, ISSE, Systems Administrators, Client Systems Technicians, and Cybersecurity Liaisons. • Ensure equipment inspection prior to entry and exit of the facilities and ensure entry and exit logs are accomplished. • Oversee and perform wireless scanning throughout the facility to ensure no rogue activity. • Review, update, and enforce Media Control policy, including: • Issuing and tracking removable media • Ensuring media sanitization • Reviewing equipment purchase requests to ensure items are on approved products listings and meet requirements to enter the facilities. • Direct and conduct network audits and review vulnerability scans on all networks used by the 39 IOS. • Respond to any vulnerabilities appropriately while overseeing and performing COMPUSEC and Information Security (INFOSEC) duties. • Validate administrator accounts on all networks and respond to any discrepancies appropriately by monitoring, validating, and reporting administrators 8570/8140 certification status. • Respond to incidents and oversee response and reporting, including: • Performing random walkthroughs • Bag inspections with the Security team • Review, update, and enforce contingency plan policy • Ensure cybersecurity marking and standards enforcement, including: • Classification stickers and markings on all systems • Bomb threat aids posted by all phones • Combined Security Cards posted by all workstations. • Answer all TASKORDS/taskers by MAJCOM for action on unit-owned networks, including: • Vulnerability remediation and data calls. • Oversee the Risk Management Framework (RMF) process for all networks owned and operated by the 39 IOS, including: • Answering data calls • Preparing system package • Categorizing system by guiding documents • Selecting security controls for risk mitigation • Implementing security controls • Assessing security control effectiveness • Monitoring system and updating accreditation package • Security Impact Analysis (SIA) submissions for tenants requesting changes and install of new software • Responding to and coordinating requirements for accreditation package not owned by the squadron. • Manage the Cybersecurity Liaison program for the squadron under the direction of the Wing Cybersecurity Office by reviewing, updating, and enforcing the Security Concept of Operations (SECONOPS) policy. • Maintain and apply required IAT/M Level III certification within the scope of assigned duties.