Talent.com

Information security manager serp_jobs.h1.location_city

serp_jobs.job_alerts.create_a_job

Information security manager • alexandria va

serp_jobs.last_updated.last_updated_variable_days
Information Security Manager

Information Security Manager

Conference of State Bank Supervisors (CSBS)Washington, DC, United States
serp_jobs.job_card.full_time
The Information Security Manager is responsible for developing, implementing, and maintaining the organization's information security program aligned to FISMA and the NIST Cyber Security Framework ...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information System Security Manager

Information System Security Manager

CerebrasWashington, DC, United States
serp_jobs.job_card.full_time
Eightfold AI is seeking a Security Manager / Information System Security Manager (ISSM) to oversee and enhance our public-sector security initiatives, including FedRAMP Moderate, GovRAMP, and IL4 a...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
  • serp_jobs.job_card.promoted
Information Systems Security Manager (ISSM)

Information Systems Security Manager (ISSM)

BTIWashington, DC, US
serp_jobs.job_card.full_time
Business Technology Integrators (BTI) is seeking an Information Systems Security Manager (ISSM) to lead a team in executing risk management efforts against our customer's inventory of on premis...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information Security Analyst

Information Security Analyst

VirtualVocationsAlexandria, Virginia, United States
serp_jobs.job_card.full_time
A company is looking for an Information Security Analyst to support a federal customer remotely.Key Responsibilities Collaborate with Bureau staff and DevSecOps teams on security documentation an...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information Security Analyst

Information Security Analyst

Saliense Consulting LLCArlington, VA, US
serp_jobs.job_card.full_time
Saliense is a growing Management and Technology Consulting Solutions provider based out of Mclean, VA.We work to solve our client’s toughest challenges within the Defense, Civilian, Financial...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information Security Analyst

Information Security Analyst

AnalyticaWashington, DC, US
serp_jobs.job_card.full_time
The candidate will support the refinement of information security requirements and ensure that the requirements are integrated into information technology component products and information systems...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information System Security Manager III

Information System Security Manager III

Global Resource Solutions, Inc.Washington, DC, US
serp_jobs.job_card.full_time
Global Resource Solutions, Inc.GRS) is seeking an enthusiastic, motivated, detail orientated, and talented individual for the position of Information System Security Manager (ISSM) III.The ISSM III...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information Systems Security Manager (ISSM)

Information Systems Security Manager (ISSM)

Potawatomi Federal SolutionsWashington, DC, United States
serp_jobs.job_card.full_time
Position Title : Information Systems Security Manager (ISSM) , Senior (TS / SCI Required).Negotiable Depending on Experience). Command Cyber Solutions is seeking a highly motivated and detail-oriented ...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information Security Engineer

Information Security Engineer

iCatalyst IncMcLean, VA, US
serp_jobs.job_card.full_time
Hybrid Opportunity - Must live in the Washington, D.Metropolitan area, or willing to relocate to be considered.Clearance Requirement : Public Trust Clearance. Due to federal clearance requirements fo...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
  • serp_jobs.job_card.promoted
Information Security Engineer

Information Security Engineer

Appian CorporationMcLean, VA, US
serp_jobs.job_card.full_time
We set high standards and live up to them, ensuring that everything we do is done with care and quality.We approach every challenge with ambition and commitment, holding ourselves and each other ac...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
  • serp_jobs.job_card.promoted
Information Security Analyst

Information Security Analyst

Go intellects IncWashington, DC, US
serp_jobs.job_card.full_time
Hybrid position - Must be willing and able to report on-site to DC offices 1x every 2 week period.Identify network problems, and recommend improvements to ensure optional performance;.Ability to mo...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information Security Analyst

Information Security Analyst

TradeJobsWorkForce22202 Arlington, VA, US
serp_jobs.job_card.full_time
Monitor their organization’s networks for security breaches and investigate a violation when one occurs Install and use software, such as firewalls and data encryption programs, to protect sensitiv...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
Information Security Specialist

Information Security Specialist

PingwindMount Vernon, Virginia, United States
serp_jobs.job_card.full_time
Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field.PingWind is seeking a knowledgeable and mission-driven Information Security Specialist to support cyber...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information Systems Security Manager

Information Systems Security Manager

Phase2 TechnologyMcLean, VA, United States
serp_jobs.job_card.full_time +1
Information Systems Security Manager.Designs, implements, and manages policies and procedures to ensure database, software, and hardware security. Develops innovative solutions to complex problems.W...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
  • serp_jobs.job_card.promoted
Information Security Engineer

Information Security Engineer

Aretec IncCamp Springs, MD, US
serp_jobs.job_card.full_time
Specializing in advanced analytics, machine learning, data analysis, cybersecurity, and business optimization, we empower federal agencies to achieve their most critical missions.As a premier partn...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information System Security Manager (ISSM)

Information System Security Manager (ISSM)

Apavo CorporationSpringfield, VA, US
serp_jobs.job_card.full_time
Information System Security Manager (ISSM).Apavo is at the forefront of cybersecurity, providing services to military, defense, and critical infrastructure industries. Joining the Apavo team means b...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information Security Engineer

Information Security Engineer

International Legal Technology AssociationWashington, DC, United States
serp_jobs.job_card.full_time
The Information Technology Department of Arnold & Porter has an opening for an Information Security Engineer in the Washington, DC office or may work 100% virtual / remote in a firm-approved U.The In...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
  • serp_jobs.job_card.promoted
Information Systems Security Manager (ISSM) III

Information Systems Security Manager (ISSM) III

gTANGIBLE CorporationArlington, VA, US
serp_jobs.job_card.full_time
TANGIBLE Corporation (gTC), www.S corporation and a registered Government contractor that provides services and solutions in : . Professional, Administrative, and Management Support.Mission and Warfig...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
  • serp_jobs.job_card.promoted
Information Systems Security Manager

Information Systems Security Manager

Booz Allen HamiltonMcLean, VA, United States
serp_jobs.job_card.full_time +1
Designs, implements, and manages policies and procedures to ensure database, software, and hardware security.Develops innovative solutions to complex problems. Works without considerable direction.M...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Information Security Manager

Information Security Manager

EliteTechnicalArlington, VA
serp_jobs.job_card.full_time +1
Immediate fulltime openings for an Information Security Manager with an active Top Secret or higher to support a critical DHS customer with a mission that provides support for onsite incident respo...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
Information Security Manager

Information Security Manager

Conference of State Bank Supervisors (CSBS)Washington, DC, United States
job_description.job_card.30_days_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

Job Summary

The Information Security Manager is responsible for developing, implementing, and maintaining the organization's information security program aligned to FISMA and the NIST Cyber Security Framework to ensure the confidentiality, integrity, and availability of our information and information system assets. This includes the development of policies, procedures and processes, creation of Security Authorization packages, and oversight of monthly Continuous Monitoring reports which include vulnerability scanning, interviews and system testing. The Information Security Manager supports security engineering architecture reviews of CSBS information systems ensuring they are designed and built around their respective protection needs with proven security architectures, and that required protection mechanisms are addressed and implemented early and maintained throughout the life cycle of information systems to minimize risk to CSBS. The Information Security Manager is expected to work with a variety of stakeholders, including system owners, implementation engineers, third-party auditors, and the CSBS Information Security Department to develop deliverables, recommend security solutions, and maintain the existing Authority to Operate (ATO) status for CSBS systems and implement new ATOs for other emerging systems and platforms.

Essential Functions

To perform this job successfully, an individual must be able to perform each essential duty and responsibility satisfactorily. Reasonable accommodations may be made to enable an individual with disabilities to perform the essential functions. Other duties may be assigned to meet business needs.

This position will perform hands-on tasks to monitor and manage the security posture of CSBS's information technology services. In this role, the Information Security Manager will be responsible for participating in and leading the analysis and evaluation of information technology services design, engineering practices, and architecture.

Security Program Management

  • Work with the CISO to develop a security program and security projects that address identified risks and business security requirements.
  • Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing the CISO with a realistic overview of risks and threats in the enterprise environment.
  • Partner with the CISO to develop budget projections based on short and long-term goals and objectives.
  • Monitor and report on compliance with security policies, as well as the enforcement of policies within the IT department.
  • Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
  • Work as a liaison with vendors and the legal and purchasing departments to establish mutually acceptable contracts and service-level agreements.
  • Manage production issues and incidents and participate in problem and change management forums.
  • Work with the CISO, IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
  • Provide support and guidance for legal and regulatory compliance efforts, including audit support.
  • Develop and implement controls and configurations aligned with security policies and legal, regulatory, and audit requirements.
  • Work with the CISO to develop a security program and security projects that address identified risks and business security requirements.
  • Advise senior leadership on risk mitigation strategies based on established risk tolerance and industry best practices.
  • Align organizational requirements with security risk management goals, ensuring a cohesive approach to risk mitigation.
  • Develop, review, and monitor compliance with organizational security policies.

Security Engineering Architecture Reviews

  • Work with the enterprise architecture team to ensure that there is a convergence of business, technical, and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.
  • Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software.
  • Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
  • Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
  • Coordinate, measure, and report on the technical aspects of security management.
  • Manage security projects and provide expert guidance on security matters for other IT projects.
  • Ensure rigorous execution and maintenance of security policies, procedures, and protocols related to security risk management.
  • Lead the deployment of cutting-edge security technologies and program enhancements, ensuring CSBS remains at the forefront of the industry's best practices.

    • CSF and RMF ATO Support

  • Develop a variety of Security Authorization deliverables including System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports, Privacy Impact Assessments (PAI), Annual Assessments, Contingency Plans, FIPS 199 Security Categorizations, Plan of Action and Milestones (POA&M), etc.
  • Serve as an active and consistent participant in the information security governance process.
  • Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
  • Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans, and communicate information about residual risk.
  • Design, coordinate, and oversee security testing procedures to verify the security of systems, networks, and applications, and manage the remediation of identified risks.
  • Analyze and review existing processes and procedures to determine areas of possible improvement that will lead to gains in efficiency and security.
  • Identify and propose solutions to potential security threats while assessing the risk levels.
  • Manage risks and systematically resolve or escalate issues in a proactive and timely manner.

    • Additional Responsibilities :

  • Monitor industry trends for changes in cyber security challenges and implement planning, policy and procedure changes in response.
  • Contribute to industry and government forums that develop industry guidance and regulations regarding security practices.

    • Minimum Qualifications

    To perform this job successfully, an individual should possess the knowledge, skills, and abilities listed and meet the amount of education, training and / or work experience required.

    Education and Experience

  • Bachelor's degree in Information Technology, Information Security, or a related field; equivalent experience may be considered.
  • Professional certifications such as CISSP, GIAC, or CCSP required; additional cloud-related certifications are a plus.
  • Minimum of 12 years of relevant experience in business and technology, including at least 10 years in Information Security or Information Assurance.
  • Extensive experience conducting risk assessments aligned with NIST standards, including at least 7 years focused on cloud and mobile environments. Strong knowledge of System Security Plans (SSPs) using NIST 800-53 Rev. 5 is essential.
  • Demonstrated expertise with the NIST Cybersecurity Framework and FISMA Information Security Continuous Monitoring (NIST SP 800-137).
  • Industry experience in Financial Services, Regulatory, or Consulting sectors is highly desirable.
  • Experience preparing Security Authorization documentation in support of Authority to Operate (ATO) processes.
  • Technical proficiency in database security, content filtering, vulnerability scanning, and anti-malware solutions.
  • Hands-on experience with security in cloud environments, including IaaS, PaaS, and SaaS models.
  • Proficiency in at least one scripting language such as Python, PowerShell, or Perl.
  • Experience supporting enterprise incident response plans and participating in incident resolution activities.

    • Knowledge, Skills and Abilities

  • Demonstrated ability to develop, implement, and communicate security policies, standards, and procedures across diverse user groups.
  • Deep understanding of network security principles, including VPNs, firewalls, intrusion detection systems, network monitoring, web server security, and wireless protection.
  • Strong working knowledge of the NIST Risk Management Framework (SP 800-30, SP 800-37) and related industry standards.
  • Expert-level understanding of system and network security engineering practices, operating systems, and application auditing.
  • Familiarity with SASE16 SOC 1 reports and their role in information security compliance.
  • Proven knowledge of application vulnerabilities, threat vectors, and effective mitigation strategies.
  • Knowledge of security technologies such as Cloud Access Security Brokers (CASB), Data Loss Prevention (DLP), Multi-Factor Authentication (MFA), and Data Rights Management (DRM).
  • Strong understanding of security considerations for public cloud platforms (e.g., Azure, AWS, Office 365).
  • Ability to collaborate across functions and build consensus among diverse stakeholders.
  • Skilled in influencing others to drive security adoption and behavioral change.
  • Exceptional written and verbal communication skills, including the ability to explain complex technical concepts to non-technical audiences.
  • Commitment to delivering high-quality, responsive service that aligns with business needs.
  • Effective at managing multiple high-priority projects in a fast-paced, deadline-driven environment.
  • Strong planning, organizational, and task management skills.
  • Solid foundational knowledge of cybersecurity principles and technologies.

    • Requirements

  • Due to the nature of CSBS's business in support of state financial services supervision, all CSBS employees have the potential of interacting with confidential information related to the supervision of financial services companies ("Confidential Supervisory Information"). As a result, in addition to general business conflicts of interest, all CSBS employees are expected to disclose conflicts of interest in financial services companies on at least an annual basis and to proactively avoid such conflicts.
  • Protect the confidentiality, integrity, and availability of CSBS information and information systems in accordance with CSBS policies and procedures.
  • Must be eligible to obtain or currently possess a U.S. Government clearance at the Public Trust (NACI) moderate level or higher.
  • Must be an authorized United States citizen.

    • Values Instilled Behaviors for Excellence (VIBE)

    At CSBS, work-life balance isn't just a policy; it's our VIBE! We recognize that our team members have lives that deserve attention and care. That's why we create strong, supportive relationships that help everyone grow both professionally and personally. We honor each other's expertise and speak the truth, even when it's a bit awkward. And guess what? This honesty creates a vibe of respect and trust that powers our efficiency and our excellence. It lets us chase those career goals while also nurturing our personal pursuits. At CSBS, you can thrive at work and at home-it's the best of both worlds!

    Just like a healthy work-life, collaboration is an essential part of CSBS's mission. In fact, it is the heartbeat of everything we do! We're all about pitching in, giving props to our colleagues, and having each other's backs. This allows us to push ourselves to our maximum potential and embrace those bold risks and innovative solutions. No matter what comes our way, our commitment to communication and teamwork strengthens us. We at CSBS are on mission and on the move, tackling all challenges together!

    Leadership Competency Model

    At CSBS, we believe in leadership at every level, empowering all employees, regardless of role, to take initiative, inspire others, and drive progress. Our five core competencies are Leading Change and Transformation, Leading Others, Results Focused, Business Intelligence, and Collaborative Partnering to provide a framework for professional growth while ensuring accountability in our performance.

    Leading Change and Transformation means embracing innovation and adaptability to drive continuous improvement. Leading Others is about guiding, mentoring, and influencing colleagues to move our mission forward. A Results-Focused mindset ensures we meet our goals with efficiency and impact. Business Intelligence allows employees to make informed, strategic decisions based on data and industry insights. Finally, Collaborative Partnering fosters teamwork and strong relationships to achieve shared success.

    This competency model not only supports individual growth and development but also strengthens CSBS as we evolve into a more agile and innovative organization. Here, leadership isn't just a title, it's a mindset that moves us forward together.

    Working Conditions

  • General office.
  • Some travel required.

    • This job description should not be construed to imply that these requirements are the only standards for the position. Incumbents will follow any other instructions and perform any other related duties as may be required. CSBS has the right to revise this job description at any time. CSBS is an "at will" employer and as such, neither this job description nor your signature constitutes any form of contractual arrangement between you and CSBS.

    Compensation at CSBS

    At CSBS, salary offers are determined within the established range based on a candidate's experience, education, and the market demand for the role. Where appropriate, we also carefully benchmark against similar internal positions to ensure equity and consistency.

    In addition to competitive salaries, CSBS offers a comprehensive benefits package, a flexible hybrid work environment, and an inclusive culture. Learn more about our benefits, culture, and work environment by visiting CSBS Careers .