Cybersecurity Manager/ISSO

Please take this opportunity to join one of GDIT’s fastest long-standing growing programs!  US Battlefield Information Collection and Exploitation System eXtended (US BICES-X) is a cutting-edge program supporting DoW intelligence information sharing on current and emerging global threats to mission and coalition partners and emerging nations. With an internationally dispersed team supporting each combatant command, the US BICES-X team is in direct support of the war fighter and their missions. We are seeking an innovative and driven professional with a passion for solving dynamic challenges on a cross-functional, fast-paced team.  You will be part of a high caliber team that is delivering a business-driven Enterprise Network to support BICES Global Enterprise Mission Support Services increasing performance, security, scalability, and stability while reducing costs and complexity resulting in increased supportability. 

The Cybersecurity Manager provides advanced leadership, guidance, and oversight for a large-scale program supporting the government and U.S. Air Force. This role ensures the secure operation, authorization, and protection of complex information systems. The position requires deep expertise in DoW cybersecurity practices, the Risk Management Framework (RMF), security engineering, and continuous monitoring. The ideal candidate is a highly organized, self‑driven cybersecurity professional capable of working in a fast-paced, collaborative environment.

Key Responsibilities:

• Communicate the value of information technology security to stakeholders across all organizational levels.
• Advise senior leadership on changes that impact cybersecurity posture, including evolving risks and compliance status.
• Collaborate with a geographically dispersed team to coordinate cybersecurity inspections, tests, and reviews.
• Develop, distribute, and maintain security-related plans, instructions, SOPs, and guidance for the operational environment.
• Communicate security and compliance matters to government leaders, operations, and ISSO personnel.
• Deliver status updates on cybersecurity metrics, risk indicators, compliance trends, and key results to senior government and GDIT leadership.
• Oversee policy standards and ensure implementation strategies align with established cybersecurity requirements.
• Ensure successful implementation of security requirements, policies, and procedures consistent with approved security baselines.
• Provide remediation guidance to cybersecurity staff and ensure compliance with regulatory, contractual, and policy requirements.
• Support updates to policies, procedures, and standards using NIST 800‑53, best practices, and emerging compliance needs.
• Align IT security priorities with the broader cybersecurity strategy, including interpreting security requirements for new technologies.
• Support acquisition activities in accordance with DoW/USAF supply‑chain‑risk‑management practices.
• Assist with management of cybersecurity budgets, staffing, and contractual objectives.
• Perform cybersecurity activities for a large program; support policy creation, dissemination, and auditing.
• Support government ISSMs in preparing ATO, ATC, IATT, POA&M, and other RMF/ISSO documentation as required.
• Support development and execution of required ST&V plans.
• Produce ISSO materials, including project briefs and RMF action status for DoW IT packages.
• Provide analysis of system architecture, security impact assessments, and risk mitigation strategies.
• Provide security design oversight for build processes of servers, services, and endpoints.
• Ensure compliance with hosting facility ATOs for dependent systems.
• Implement and enforce strong cybersecurity and vulnerability management practices.
• Conduct compliance and vulnerability audits using STIG Viewer, DISA SCAP, eMASSter, ACAS, and ESS Policy Auditor across Linux, Windows, Cisco, Juniper, VMware, and related technologies.
• Execute Continuous Monitoring activities, including creation, tracking, and closure of POA&Ms and Risk Acceptances.
• Communicate threat information to government leadership and cybersecurity teams to support risk decisions.
• Execute DoW RMF in accordance with DoW 8510, including security control validation and test coordination.
• Coordinate with AFRL, USAF, and other agencies for audits, inspections, CVAs, ST&Vs, and CCRI events as required.
• Assess change requests (firewall, systems, networks) to determine organizational risk.
• Maintain information system integrity through enforcement of organizational security policies and vulnerability monitoring.
• Provide work leadership and mentorship to junior technical staff.
• Maintain current knowledge of relevant security technologies.
• Process support tickets using approved ITSM systems.
• Complete other cybersecurity related tasks as outlined in 3.12 through 3.14 of the AFI 17-101 or as directed by the Cybersecurity Lead.

Required Qualifications:

• 10+ years of relevant cybersecurity experience.
• Bachelor’s degree (additional experience may be substituted).
• Active TS/SCI clearance.
• IAM Level III certification (CISSP, CISM, or GSLC).
• Strong background in RMF and eMASS a must.
• Strong understanding of cybersecurity principles, methodologies, and practices.
• Through understanding of NIST, DoW, and AF Cybersecurity Orders and Directives.
• Ability to work collaboratively within team‑oriented environments.
• Excellent multitasking abilities in fast-paced environments.
• Highly organized, self-directed, strong attention to detail.
• Outstanding written and verbal communication skills.
• High levels of integrity, adaptability, resilience, and initiative.

Preferred Qualifications:

• Experience managing personnel (up to 10 staff).
• Ability to prioritize multiple tasks and projects in dynamic, fast-paced environments.
• Strong communication skills across individual, team, and leadership settings.
• Additional role-specific certifications as required.
• ITIL Foundations certification.