Information Systems Security Manager (ISSM)

Overview

We’re looking for an Information Systems Security Manager (ISSM) responsible for overseeing and managing the risks associated with information systems security for the NADACS Program. This role involves ensuring compliance with relevant cybersecurity standards, frameworks, and regulations while proactively identifying opportunities to enhance the program’s security posture. The ISSM collaborates closely with stakeholders to develop, implement, and maintain security policies, procedures, and controls that safeguard the integrity, confidentiality, and availability of NADACS systems. Ability to travel to client site in Mechanicsburg, PA required at times. Candidates local to Mechanicsburg, PA highly preferred. 

LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed.

Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors—helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value.

We’re not here to maintain the status quo – we’re here to rewrite it, and innovate at the pace of need. Our team is laser-focused on creating cutting-edge RFID solutions for the DoD that bring passive and active RFID tech to life, solving tough integration challenges across global sites. We're a no-bench, get-after-it kind of company, where initiative is rewarded, and innovation is our default setting. If you’re ready to dive in, take ownership, and ship real value, keep reading.

Responsibilities

• Manage the cybersecurity risk management process for NADACS, ensuring alignment with FISMA, RMF, and applicable policies/guidelines.
• Continuously validate the organization’s adherence to policies/guidelines/procedures/regulations/laws to ensure compliance.
• Conduct and oversee technical reviews of system implementation plans to ensure integration of security objectives.
• Identify and implement IT security program implications of new technologies or upgrades within NADACS.
• Coordinate cybersecurity inspections, tests, and reviews on the network environment.
• Oversee the information security training and awareness program for NADACS, ensuring that relevant content is developed and implemented effectively.
• Participate in and oversee risk assessments during the Security Assessment and Authorization processes.
• Support incident response programs and ensure security measures are sufficient to address organizational risk tolerance.
• Ensure cybersecurity policies, guidelines, and procedures are developed, implemented, and aligned with organizational goals.
• Continuously validate organizational compliance with policies, regulatory requirements, and standards.
• Recommend improvements for maintaining compliance with laws and relevant cybersecurity governance.
• Advise senior management on risk levels and security posture and provide recommendations for risk reduction.
• Advocate for and advise on resources to support information security training and awareness programs.
• Communicate IT security risks and their implications to stakeholders at all organizational levels.

Qualifications

• 5+ years of experience in DoW cybersecurity roles.
• Bachelor’s degree in engineering, computer science, information technology, or related field.
• Proven ability to manage the RMF lifecycle for complex technology implementations.
• Experience supporting contracts with DoD or other federal agencies.
• Must meet DoDD 8140 IAM Level III requirements (which can be met with the following cybersecurity certifications: CISSP, CISM, GSLC)
• Must have familiarity and working experience in the Navy RMF process.
• In-depth knowledge Navy risk tolerance approach, network/system administration, operating system hardening, and security integration practices.
• Detailed understanding of data protection standards, including Personally Identifiable Information (PII) security.
• Ability to implement and validate compliance measures for security policies and legal requirements.
• Effective communication with senior leadership and articulation of cybersecurity risks and solutions.
• Proficiency in integrating security into the acquisition lifecycle.
• Knowledge of penetration testing principles and application security risks (e.g., OWASP Top 10).
• Understanding of system design standards and secure lifecycle management principles.
• Active Secret clearance required.

The target salary range for this position is $115,000-$175,000.

The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances.