Information Systems Security Manager (ISSM)

We are seeking a highly skilled and motivated Information Systems Security Manager (ISSM) to oversee and manage cyber security and the information security program within NSWC Crane’s dynamic digital engineering portfolio. The ISSM will be responsible for maintaining compliance with security policies, standards, and frameworks while ensuring the confidentiality, integrity, and availability of the organization's systems and data. This role will include identifying security risks, enforcing compliance requirements, implementing controls, and leading the response to potential security incidents.  The ideal candidate will have an in-depth understanding of cybersecurity principles, regulatory requirements, and industry best practices. They must possess excellent leadership and communication skills to collaborate with cross-functional teams and stakeholders effectively.

Key Responsibilities:

• Information Security Program Management:
• • Develop, implement, and maintain the organization's information security policies, strategies, procedures, and guidelines.
  • Ensure compliance with industry frameworks (e.g., NIST, ISO 27001, GDPR, CMMC, HIPAA, etc.) and government regulations.
  • Establish strong security governance practices and manage risk assessment processes.
• Risk Management and Compliance Oversight for IT infrastructure and program requirements
• • Act as the primary point of contact for audits, assessments, and compliance-related activities.
  • Ensure compliance with internal policies, regulatory requirements, and contractual security obligations.
  • Lead efforts to achieve and maintain required certifications (e.g., ISO27001, SOC 2, CMMC).
• Incident Management and Response:
• • Develop and maintain an incident response plan.
  • Lead investigation and resolution of security incidents, including root cause analysis and remediation steps.
  • Collaborate with external vendors, law enforcement, or forensics teams to address breaches when necessary.
• Security Operations Support:
• • Oversee access control, identity management, and data protection measures.
  • Manage security-related tools and technologies, including firewalls, intrusion detection systems, endpoint protection, and SIEM platforms.
• Team and Stakeholder Collaboration:
• • Provide leadership and direction to the cybersecurity team.
  • Train and educate employees on security awareness and best practices.
  • Collaborate with IT and business units to integrate security requirements seamlessly into organizational processes and technologies.
• Strategic Planning:
• • Stay updated with emerging threats, vulnerabilities, and security trends.
  • Make recommendations for improvements to security architecture, systems, and processes.
  • Contribute to the development and execution of the organization's long-term cybersecurity strategy.

Location:  Crane, IN -300 Highway 361, Crane, IN 47522

Required:

• BS 5-7 Years Experience, MS 3-5, PhD 0-2 in Information Technology, Cybersecurity, Computer Science, or a related field (Master’s degree preferred).
• Experience in information security, cybersecurity, or related roles, with at least 2+ years in a leadership or managerial role.
• A GSLC or CISSP or CISM or CAP or or CASP is required.
• Must possess an active DoD Secret clearance, with the ability to obtain a TS clearance.
• Strong understanding of information security principles, risk management, and vulnerability management.
• Experience with regulatory and compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS, SOX, GDPR, HIPAA).
• Proficiency in security tools such as eMASS, ACAS, SIEM, firewalls, IDS/IPS, DLP, and endpoint protection platforms.
• Knowledge of cloud security best practices (e.g., Azure, AWS, GCP).
• Strong problem-solving, decision-making, and analytical skills.
• Excellent verbal and written communication skills to work with technical and non-technical stakeholders.

Preferred Qualifications:

• Familiarity with DevSecOps and Secure Software Development Lifecycle (SDLC).
• Experience managing security in hybrid cloud and on-premises environments.
• Strong project management skills with the ability to lead security-related initiatives

We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.