Information Systems Security Manager
Remote, US
This is a U.S. based position. All of the programs we support require U.S. citizenship to be eligible for employment. All work must be conducted within the continental U.S.
Who we are:
Raft (https://TeamRaft.com) is a customer-obsessed non-traditional small business with a purposeful focus on Distributed Data Systems, Platforms at Scale, and Complex Application Development, with headquarters in McLean, VA. Our range of clients includes innovative federal and public agencies leveraging design thinking, cutting-edge tech stack, and cloud-native ecosystem. We build digital solutions that impact the lives of millions of Americans.
We’re looking for an experienced Information Systems Security Manager to support our customers and join our passionate team of high-impact problem solvers.
About the role:
As an ISSM, you'll play a pivotal role in shaping and enforcing our cybersecurity frameworks in alignment with federal policies and mandates. Your day to day will include collaboration with internal and external stakeholders to promote cybersecurity awareness, education, training, communication, alignment, collaboration, and cooperation. Your expertise will drive the identification, assessment, and mitigation of cyber risks, ensuring a robust compliance posture that fosters trust and confidence among our government stakeholders. You will also aid in the design, implementation, and maintenance of the cybersecurity platforms under the purview of the contract in collaboration with customer security teams. This role requires a deep understanding of cybersecurity principles, federal compliance requirements, and a passion for safeguarding national digital infrastructure.
What we are looking for:
- Minimum of 6 years' experience in ISSM/O roles with at least 4 years focused on federal government projects
- Expert knowledge of the NIST CSF & related NIST Special Publications such as NIST SP 800-53 & 800-171
- Expert knowledge of GRC tools such as ServiceNow, XACTA, eMASS, Archer, or SAP
- Expert proficiency in conducting risk assessments, audits, and compliance monitoring within federal government environments
- Demonstrated proficiency in managing and creating Body of Evidence (BOE) artifacts, including POA&Ms, SSPs, RARs, Vulnerability Assessments, Security Assessment Plans, etc
- Understanding of and experience with SIEM tools such as Splunk, Grafana, or ELK
- Expert experience managing compliance activities for both on-prem & cloud-based systems & networks
- Expert experience conducting internal self-assessments and audits with external assessors
- Deep understanding of common cybersecurity tools and technologies such as vulnerability & compliance scanners, static & dynamic code analyzers, DLP, IDS, etc.
- Excellent communication skills with the ability to convey complex cybersecurity and compliance concepts, controls, & risk scenarios to technical and non-technical stakeholders
- Ability to translate compliance requirements into business and system risks and present to technical & non-technical Senior Leadership
- Ability to collaborate with and advise business units on governance structures and operational adjustments needed to align with governance frameworks
- Ability to identify gaps or conflicts in current policies and processes and work to develop solutions with internal business units
- Obtain CISSP or other DoD 8570 IAM Level II or higher certification within 90 days of employment with Raft
- Bachelor's degree in Cybersecurity, Information Technology, or a related field
Highly preferred:
- Master’s degree in Cybersecurity, Information Assurance, Information Technology, or a related field.
- Experience in a software factory or DevSecOps environment such as Platform One
- Ability to manage cross-functional teams and drive deliverables to completion
- Experience in developing and delivering cybersecurity training and awareness programs
Clearance Requirements:
- Ability to obtain and maintain a Top Secret security clearance with SCI eligibility
Work Type:
- Remote
- May require up to 10% travel
Salary Range:
- $140,000 - $200,000
- The determination of compensation is predicated upon a candidate's comprehensive experience, demonstrated skill, and proven abilities
What we will offer you:
- Highly competitive salary
- Fully covered healthcare, dental, and vision coverage
- 401(k) and company match
- Take as you need PTO + 11 paid holidays
- Education & training benefits
- Annual budget for your tech/gadgets needs
- Monthly box of yummy snacks to eat while doing meaningful work
- Remote, hybrid, and flexible work options
- Team off-site in fun places!
- Generous Referral Bonuses
- And More!
Our Vision Statement:
We bridge the gap between humans and data through radical transparency and our obsession with the mission.
Our Customer Obsession:
We will approach every deliverable like it's a product. We will adopt a customer-obsessed mentality. As we grow, and our footprint becomes larger, teams and employees will treat each other not only as teammates but customers. We must live the customer-obsessed mindset, always. This will help us scale and it will translate to the interactions that our Rafters have with their clients and other product teams that they integrate with. Our culture will enable our success and set us apart from other companies.
How do we get there?
Public-sector modernization is critical for us to live in a better world. We, at Raft, want to innovate and solve complex problems. And, if we are successful, our generation and the ones that follow us will live in a delightful, efficient, and accessible world where out-of-box thinking, and collaboration is a norm.
Raft’s core philosophy is Ubuntu: I Am, Because We are. We support our “nadi” by elevating the other Rafters. We work as a hyper collaborative team where each team member brings a unique perspective, adding value that did not exist before. People make Raft special. We celebrate each other and our cognitive and cultural diversity. We are devoted to our practice of innovation and collaboration.
We’re an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
ApplyJob Profile
Clearance requirements May require up to 10% travel U.S. citizenship required Work must be conducted within the continental U.S.
Benefits/PerksAnnual budget for your tech/gadgets needs Competitive salary Education & training benefits Flexible work options Fully covered healthcare Fully covered healthcare, dental, and vision coverage Generous Referral Bonuses Healthcare, dental, and vision coverage Highly competitive salary Hybrid work Monthly box of yummy snacks Paid holidays PTO PTO + 11 paid holidays Referral bonuses Remote, hybrid, and flexible work options Snacks Take as you need PTO + 11 paid holidays Team off-site in fun places Training Benefits Vision coverage
Tasks- Collaborate with stakeholders
- Conduct risk assessments and audits
- Design and implement cybersecurity platforms
- Develop
- Identify and mitigate cyber risks
- Shape cybersecurity frameworks
Archer Audits Body of evidence Cloud Cloud-native Ecosystem Communication Complex Application Development Compliance monitoring Compliance scanners Cybersecurity Design Thinking DevSecOps Distributed Data Systems DLP Dynamic code analyzers ELK EMASS Governance Frameworks Grafana GRC Tools IAM IDS NIST CSF Nist sp 800-171 NIST SP 800-53 Platforms at Scale Play POA&Ms RARs Risk assessments SAP Security Security assessment plans ServiceNow SIEM SIEM tools Splunk SSPs Static code analyzers Vulnerability assessments Vulnerability scanners Xacta
Experience6 years
EducationBachelor's degree Cybersecurity Master's degree Related Field
Certifications TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9