Information Systems Security Manager (ISSM)

(ABOUT ISTARI DIGITAL) Istari is a digital engineering software company enabling our customers to turn the physical world into the digital to accomplish their specific mission or business objectives. Istari was founded with the vision of making open, scalable digital engineering ecosystems a reality - where new technologies and systems are created digitally, free from the real-world constraints of costs and schedules. We are creating the world's best engineering model sharing platform, allowing our customers to simply and securely integrate their models across different engineering disciplines, organizations, and security levels. At Istari, we are passionate about our mission of creating the world's first open and scalable industrial metaverse. Whether our customers are designing prototypes, performing virtual testing, or training AI and autonomy for complex systems, we know that going digital will save them time, resources, and reduce their environmental impact. While we are a distributed team with most team-members working remotely, we place an emphasis on staying connected and collaborative, prioritizing in-person opportunities to build trust as a team. At Istari, we still believe that trust is best built in-person. To do this, we have an engineering headquarters in Cambridge, MA for focused technical development and several times per year we gather for an off-site that allows us to develop our professional skills and our team relationships. (VALUES) At Istari, we live by our values, which include: Purposeful Autonomy We value letting people self-organize and self-motivate. Our flat structure and lack of meeting clutter are meant to empower individuals and teams to be proactive. Our autonomy is measured, goal-oriented, and results-driven - not meandering. Clear objectives help us prioritize our time. Smart Transparency We believe in honest-but-kind communication, transparency, and open-door policies. We love learning about challenges and tackling them early, not hearing good or bad news late. We share work-in-progress across our team. Fast feedback keeps autonomy purposeful. Continual Curiosity At Istari, we love learning to do things ourselves. We ask, read, share, teach - even watch YouTube videos - to learn new skills to solve problems. When we make breakthroughs, we write them down. Writing focuses ideas, helps us learn, and helps us share. Equal Opportunity Istari is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. We are seeking a highly experienced and knowledgeable Information System Security Manager (ISSM) to join our Cybersecurity team. The ISSM will serve as a principal advisor on all matters, technical and otherwise, involving the cybersecurity of information systems under their purview. This role requires a deep understanding of cybersecurity principles, practices, and frameworks, as well as the ability to develop, implement, and evaluate information system security program policy consistent with Federal and Commercial regulatory requirements. The ISSM will work closely with various stakeholders across the organization to ensure the confidentiality, integrity, and availability of our information systems. Key Responsibilities Serve as the principal advisor on all matters involving the cybersecurity of assigned information systems. Develop, implement, and evaluate information system security program policy consistent with Federal and Commercial regulatory requirements, including JSIG, NIST 800-171, NIST 800-53, CMMC, and ITAR. Conduct risk assessments and identify vulnerabilities in information systems. Develop and implement security controls to mitigate identified risks. Monitor and evaluate the effectiveness of security controls. Develop and deliver cybersecurity awareness training to employees. Investigate security incidents and breaches. Maintain security documentation, including system security plans (SSPs), risk assessments, and incident reports. Stay up-to-date with the latest cybersecurity threats and vulnerabilities. Collaborate with the engineering and customer success teams to ensure secure implementation and configuration of systems. Required Qualifications Minimum of 10 years of experience in a relevant field. Deep understanding of cybersecurity principles, practices, and frameworks, including JSIG, NIST 800-171, NIST 800-53, ITAR, and CMMC. Experience with risk assessments, vulnerability identification, and security control implementation. Experience with security incident investigation and response. Excellent communication and collaboration skills, with the ability to effectively communicate with both technical and non-technical audiences. Strong analytical and problem-solving skills. Preferred Qualifications Bachelor's degree in computer science, information systems, or a related field. Relevant certifications (e.g., CISSP, CISM). Experience with SOC compliance and audits. Active TS Security Clearance. Eligibility Must be a US citizen living within the United States. $124,000 - $165,000 a year BENEFITS We offer highly competitive benefits, including: Health and Family - Medical/Dental/Vision - Employee Premiums are 100% Company Paid - Life Insurance - Flexible Work Hours - Unlimited Paid Time Off (PTO) with federal government holidays Financial - Competitive Compensation - 401k - Company Stock Options - Home Office Setup Budget Learning - Reimbursement for approved trainings and subscriptions - Conferences (travel, lodging, and fees) Note - some benefits are not available to interns or contractors. Thank you for your interest in Istari. Expect to hear back from us soon with next steps. #J-18808-Ljbffr

Created: 2025-03-05