OTHER

FEED

UNKNOWN

Ability to ensure all products and administrative documentation is completed and maintained, including continuity and historical reference, and design, develop, and implement network security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation. 4+ years of experience reviewing assessment reports and assisting projects in identifying security risks, including technical and non-technical, and developing effective mitigation strategies, including Plan of Action and Milestones.

Position Summary:
MAG is currently looking for an Information Systems Security Manager (ISSM) to provide a variety of services leveraging the Risk Management Framework (RMF) accreditation. Services are associated with validation, approval, and sustainment of cybersecurity accreditation packages. Performs and analyze a range of Information Security Systems Manager (ISSO) activities and assist with the development and implementation of security policies in Fort Bragg, NC.

Essential Duties and Responsibilities:
Duties include, but not limited to:<ul><li>Leads the development, implementation, and sustainment of the organization’s cybersecurity program in accordance with NIST SP 800-53, and RMF guidance.</li><li>Oversees continuous monitoring, vulnerability management, and cybersecurity inspections.</li><li>Coordinates with Command leadership CIO/CDAO/CISO offices, and external stakeholders to ensure alignment with enterprise cybersecurity strategy.</li><li>Manages cybersecurity workforce roles in accordance with DoD 8140/8570 requirements.</li><li>Supervise ISSOs and contractors, provides technical direction. Ensures consistent implementation of cybersecurity policies, RMF requirements, and security controls across all supported systems.</li><li>Serves as Deputy RMF Supervisor for all assigned information systems.</li><li>Oversees system categorization, control selection, implementation, assessments, and authorization package development.</li><li>Ensures timely submission and maintenance of system Security Plans (SSPs) POA&Ms, Security Assessment Reports (SARs), and other RMF artifacts.</li><li>Coordinates with the Authorizing Official (AO), Security Control Assessor (SCA), and system owners to achieve and maintain Authorization to Operate (ATO).</li><li>Ensures continuous monitoring activities are executed and documented.</li><li>Oversees vulnerability scanning, STIG compliance, patch management, and security tool deployment (e.g., ACAS, HBSS/ESS, EDR).</li><li>Provides cybersecurity training, awareness, and guidance to system owners, administrators and users</li><li>Prepares for and supports cybersecurity inspections, audits, and readiness assessments (e.g., CORA, IG and JCIP inspections).</li><li>Represents the organization at cybersecurity working groups, technical exchanges and governance boards.</li><li>Supervise ISSOs and contractors, provides technical direction. Ensures consistent implementation of cybersecurity policies, RMF requirements, and security controls across all supported systems.</li></ul>

Requirements:
Minimum Requirements Knowledge and Skills The required skills and knowledge include: <ul><li>US Citizenship and Possess an Active TS/SCI Clearance. </li><li>In compliance with DoD Cyber Workforce 8570.01  </li><li>Experience applying abstract security requirements, including NIST 800-53 version 5 controls to information systems.</li><li>Experience in an advisory environment and communicating technical subjects to clients.</li><li>Knowledge of supporting the development or modification of System Security Plans, security requirements, and supporting documentation for the Assessment and Authorization process.</li><li>Ability to ensure all products and administrative documentation is completed and maintained, including continuity and historical reference, and design, develop, and implement network security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation.</li><li>Mentor junior ISSOs, system administrators, and mission partners on RMF processes and best practices.</li><li>Support cyber assessments, inspections, red/blue team activities, and incident response planning.</li><li>Must meet position and certification requirements outlined in DoD Directive 8570.01 / 8140 for Information Assurance Management Level 2 or 3 (IAM Level II / III). </li></ul> The minimum years of related experience required:  <ul style="margin-top:0in"><li>5+ years of experience leading and implementing the Assessment and Authorization process under Risk Management Framework for new and existing information systems.</li><li>4+ years of experience reviewing assessment reports and assisting projects in identifying security risks, including technical and non-technical, and developing effective mitigation strategies, including Plan of Action and Milestones.</li></ul> Education <ul><li>The minimum level of education required is: BS in Computer Science or Information Technology (or equivalent experience)</li></ul> Desired RequirementsThe desired skills, knowledge, and education include: <ul><li>Familiar with DIA assessments and accreditation documentation within the XACTA management platform. </li><li>Familiar with eMASS - ENTERPRISE MISSION ASSURANCE SUPPORT SERVICES platform. </li><li>Conduct audits to identify how well controls are delivered/supported and potential opportunites for improvement with stakeholders. </li><li>Provide reports, briefs, and POAM creation for findings.</li><li>Ability to read, review, and consolidate ACAS scans, DISA STIGS, and Information Assurance Vulnerability Management (IAVM) results. </li><li>Excellent interpersonal skills, including the ability to work on multi-functional teams </li><li>Display detailed knowledge and understanding of multiple technology infrastructures. </li><li>Ability to serve as a principal advisor on all matters, technical and otherwise, involving the security of an IS.  </li><li>Exhibit individual initiative to influence events and achieve goals. Be proactive and a self-starter, going beyond specific job responsibilities to ensure goals and achieved or exceeded. </li><li>Travel as necessary for customer projects, technology expositions, and corporate meetings. </li></ul> Other Qualifications <ul><li>Outside of the above, other certifications, licenses, or clearances include: None </li><li>Physical requirements for the job include the ability to work in an office and lab environment. </li></ul>

Benefits and Compensation:
At MAG Aerospace, we value your contributions providing our employees with a robust Total Rewards package that supports your total well-being. Full-time and part-time employees working at least 30 hours a week on a regular basis are eligible to participate in MAG's Total Rewards programs. Our offerings include health, life, disability, financial, and retirement benefits as well as paid leave, professional development, and tuition assistance. Individuals that do not meet the threshold are only eligible for select offerings not inclusive of health benefits. We encourage you to learn more about our Total Rewards Program by visiting the Resource page on our Careers site: https://www.magaero.com/benefits/. Salary at MAG Aerospace is determined by various factors including but not limited to location, the particular combination of education, knowledge, skills, competencies, and experience as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $135,00.00 to $150.00.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of MAG's total compensation package for employees.

MAG Aerospace

Information Systems Security Manager (ISSM)

Administrator Documentation

Analysis Skills

Auditing

Authentication

Best Practices

Computer Science

Computer Security

Cross-Functional

Customer Support/Service

Defense Information Systems Agency (DISA)

Defense Intelligence Agency (DIA)

DoD Directive 8140

DoD Directive 8570

Documentation

Exceeded Sales Goal

IAM - Information Assurance Management

Incident Response

Information Technology & Information Systems

Information/Data Security (InfoSec)

Internet Security

Interpersonal Skills

Leadership

Mentoring

Network Security

Physical Demands

Policy Implementation

Process Management

Product Documentation

Reporting Skills

Risk Analysis

Risk Management Framework (RMF)

Security Analysis

Security Monitoring

Security Patches

Sensitive Compartmented Information (SCI)

Strategic Planning

Systems Administration/Management

Systems Maintenance

Time Management

Top Secret Clearance

Training/Teaching

U.S. National Institute of Standards and Technology (NIST)

United States Citizen

United States Department of Defense (DoD)

Vulnerability Scanners

Willing to Travel

Workforce Management

[AW]-iCims

Overview: LMI is seeking a skilled Information System Security Engineer (ISSE) with hands-on experience in AWS cloud security to provide advanced cybersecurity engineering and Risk Management Framework (RMF) support for Department of Defense (DoD) cloud-based systems. This position focuses on designing, implementing, and maintaining secure AWS environments aligned with DoD Cloud Computing Security Requirements Guide (CC SRG), NIST SP 800-53, and DISA STIGs/SRGs to support Authorization to Operate (ATO) efforts.

YEAR

Overview:
LMI is seeking a skilled Information System Security Engineer (ISSE) with hands-on experience in AWS cloud security to provide advanced cybersecurity engineering and Risk Management Framework (RMF) support for Department of Defense (DoD) cloud-based systems. This position focuses on designing, implementing, and maintaining secure AWS environments aligned with DoD Cloud Computing Security Requirements Guide (CC SRG), NIST SP 800-53, and DISA STIGs/SRGs to support Authorization to Operate (ATO) efforts. LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed. Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors—helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value. This position can be remote but requires quarterly travel for planning increments. This position requires an active SECRET clearance; TS/SCI preferred.

Responsibilities:
<ul><li>Architect and manage robust access control strategies using AWS Identity and Access Management (IAM), enforcing the principle of Least Privilege across all roles and users.</li><li>Implement encryption and key management solutions using AWS Key Management Service (KMS) and related tools to protect data at rest and in transit, aligning with DoD data classification standards.</li><li>Deploy and configure native AWS security services (e.g. GuardDuty, Security Hub, Inspector, and Config) to provide continuous threat detection, compliance monitoring, and automated remediation.</li><li>Collaborate with network teams to secure VPCs using AWS Network Firewall, WAF, and hybrid connectivity solutions (Direct Connect, VPN) within a GovCloud environment.</li><li>Lead technical implementation and validation of NIST SP 800-53 and DoD CC SRG controls to achieve and maintain ATO.</li><li>Serve as a technical SME for RMF documentation and artifact generation within eMASSor other DoD compliance systems.</li><li>Design, test, and implement DISA STIG/SRG-based configuration hardening across AWS services, operating systems, and containerized workloads.</li><li>Conduct continuous vulnerability scanning and monitoring using DoD-approved tools (ACAS/Nessus), coordinating remediation and risk mitigation activities.</li><li>Integrate security into CI/CD pipelines using Infrastructure-as-Code (IaC) tools such as Terraform or CloudFormation to automate compliance and security controls.</li><li>Build and maintain centralized, compliant logging architectures using Splunk, Elastic, or equivalent SIEM platformsto ensure event visibility and retention per DoD policy.</li><li>Participate in incident response activities for cloud-based threats, performing forensic analysis and recommending corrective actions.</li><li>Collaborate with DoD stakeholders, system owners, and developers to embed security throughout the system lifecycle and support RMF accreditation efforts.</li><li>Implement and maintain Trellix ePolicy Orchestrator (ePO) infrastructure, including deployment and lifecycle management of Trellix endpoint security solutions (Endpoint Security, Policy Auditor, Application Control).</li><li>Manage ePO extensions, repositories, and Agent Handlers to ensure scalability, performance, and operational resilience across the enterprise.</li></ul>

Qualifications:
<ul><li>Active SECRET clearance required; TS/SCI preferred</li><li>Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)</li><li>3–5+ years of experience in information security, with at least 3 years focused on AWS cloud security engineering</li><li>Deep experience with DoD RMF, NIST SP 800-53, DoD CC SRG, and DISA STIG/SRG compliance frameworks</li><li>Strong hands-on expertise with AWS security services (IAM, KMS, GuardDuty, Security Hub, Config)</li><li>Experience with Docker, Kubernetes, and system hardening for Linux/Windows environments</li><li>Proficiency in IaC tools (Terraform, CloudFormation) for managing and enforcing security policies</li><li>Familiarity with ACAS/Nessus, continuous monitoring, and vulnerability management processes</li><li>Experience integrating security within DevSecOps and CI/CD workflows</li><li>Hands-on experience administering and maintaining Trellix ePolicy Orchestrator (ePO) in enterprise or DoD environments</li><li>Experience deploying and managing Trellix endpoint security solutions (Endpoint Security,  Policy Auditor, Application Control)</li><li>Experience managing ePO infrastructure components, including extensions, repositories, and Agent Handlers for scalability and performance</li><li>Certifications:<ul><li>DoD 8570/8140-M compliant (e.g., CISSP, CASP+, CISM) – required</li><li>AWS Certified Security – Specialty – highly preferred</li><li>Kubernetes certification (CKS/CKA) – a plus</li></ul></li></ul>Target Salary Range: $90,270.00 - $155,037.00 Disclaimer:  The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances.

Logistics Management Institute

Information System Security Engineer (ISSE) AWS Cloud Security - Clearance Required

Temporary IT Jobs in Pinehurst, NC

Resume Resources

Get noticed by top employers!

Temporary IT Jobs in Pinehurst, NC

Information Systems Security Manager (ISSM) MAG Aerospace

Information System Security Engineer (ISSE) AWS Cloud Security - Clearance Required Logistics Management Institute

Resume Resources