Information Systems Security Manager (ISSM)

[ABOUT ISTARI DIGITAL] Istari is a digital engineering software company enabling our customers to turn the physical world into the digital to accomplish their specific mission or business objectives. Istari was founded with the vision of making open, scalable digital engineering ecosystems a reality – where new technologies and systems are created digitally, free from the real-world constraints of costs and schedules. We are creating the world’s best engineering model sharing platform, allowing our customers to simply and securely integrate their models across different engineering disciplines, organizations, and security levels. At Istari, we are passionate about our mission of creating the world's first open and scalable industrial metaverse. Whether our customers are designing prototypes, performing virtual testing, or training AI and autonomy for complex systems, we know that going digital will save them time, resources, and reduce their environmental impact.   While we are a distributed team with most team-members working remotely, we place an emphasis on staying connected and collaborative, prioritizing in-person opportunities to build trust as a team. At Istari, we still believe that trust is best built in-person. To do this, we have an engineering headquarters in Cambridge, MA for focused technical development and several times per year we gather for an off-site that allows us to develop our professional skills and our team relationships. [VALUES] At Istari, we live by our values, which include: - Focus is rewarded. Finish is remembered.  - Facts are friendly. Even when they are not fun. - Fellowship is fundamental. Make others successful. Equal Opportunity Istari is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. We are seeking a highly experienced and knowledgeable Information System Security Manager (ISSM) to join our Cybersecurity team. This role will be hybrid 3 days per week in our Arlington, VA office. The ISSM will serve as a principal advisor on all matters, technical and otherwise, involving the cybersecurity of information systems under their purview. This role requires a deep understanding of cybersecurity principles, practices, and frameworks, as well as the ability to develop, implement, and evaluate information system security program policy consistent with Federal and Commercial regulatory requirements. The ISSM will work closely with various stakeholders across the organization to ensure the confidentiality, integrity, and availability of our information systems. Key Responsibilities

Serve as the principal advisor on all matters involving the cybersecurity of assigned information systems.

Develop, implement, and evaluate information system security program policy consistent with Federal and Commercial regulatory requirements, including JSIG, NIST 800-171, NIST 800-53, CMMC, and ITAR.

Conduct risk assessments and identify vulnerabilities in information systems.

Develop and implement security controls to mitigate identified risks.

Monitor and evaluate the effectiveness of security controls.

Develop and deliver cybersecurity awareness training to employees.

Investigate security incidents and breaches.

Maintain security documentation, including system security plans (SSPs), risk assessments, and incident reports.

Stay up-to-date with the latest cybersecurity threats and vulnerabilities.

Collaborate with the engineering and customer success teams to ensure secure implementation and configuration of systems.

Required Qualifications

Minimum of 10 years of experience in a relevant field.

Deep understanding of cybersecurity principles, practices, and frameworks, including JSIG, NIST 800-171, NIST 800-53, ITAR, and CMMC.

Experience with risk assessments, vulnerability identification, and security control implementation.

Experience with security incident investigation and response.

Excellent communication and collaboration skills, with the ability to effectively communicate with both technical and non-technical audiences.

Strong analytical and problem-solving skills.

Preferred Qualifications

Bachelor's degree in computer science, information systems, or a related field.

Relevant certifications (e.g., CISSP, CISM).Experience with SOC compliance and audits.

Active TS Security Clearance.

Eligibility

Must be a US citizen living within the United States.