Ready for Whatis Next? Kratos Defense & Security Solutions develops and fields transformative, affordable technology, platforms, and systems for United States National Security related customers, allies, and commercial enterprises. iWe proactively build trusted relationships with our peers, partners and customers, and take ownership for our actionsialways striving to do the right thing. Kratos is looking for an ISSM to lead and support other cybersecurity professionals in the execution of information assurance programs and will support other IT teams in implementing security measures. This is accomplished in compliance with CMMC and Risk Management Framework policies and procedures such as System Security Plans, Risk Assessment Reports, Plans of Actions and Milestones, Assessment & Authorization packages, and Security Control Traceability Matrices. The ISSM will maintain an operational security posture and ensure security policies, standards, and procedures are established and followed. The ISSM will perform vulnerability and risk assessment analyses to support Assessment & Authorization and will provide configuration management for security software, hardware, and firmware. This position is based on multiple DoD Directives; including DoD 5205.07 volumes 1-4; DoDD 5205.02E; DoDI 5025.01, 5205.11, 5200.39, 5220.22, DoDM 3305.13; DoD 8140 series; Intelligence Community Directive Series 500/600/700; NIST 800 series special publications; Executive Orders 13556 and 13636, the Joint Special Access Program Implementation Guide Rev 4, and DISA Security Technical Implementation Guides. Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. U.S. citizenship is required. Travel to customer sites and other program locations will be required. Primary Responsibilities: In coordination with the government client, develop and maintain a cybersecurity program and associated policies, procedures, and documentation. Work with government sponsors and ISSMs to plan and conduct security authorization reviews and assurance case development for the initial installation of program systems and networks. Leverage guidance pertinent to all applicable directives and publications. Ensure adherence to security policies, procedures, and guidance. Develop, manage, and execute a continuous monitoring plan. Conduct reviews of audit reports and report anomalies to leadership. Ensure audit tools and events captured are as outlined in applicable Ensure the cyber incident response plan is followed when security incidents occur. Work with government stakeholders to manage security incidents and vulnerability compliance. Maintain a working knowledge of system functions, security policies and procedures, technical security safeguards, and operational security measures. Play an active role in developing and updating security artifacts, reviewing changes to program systems, and assessing the security impact of those changes. Ensure data ownership responsibilities are established for each program system and system requirements are enforced. Oversee system security configuration, hardware, software, and firmware baselines. Assist system administrators in approved maintenance procedures. Direct information system security inspections, tests, and reviews. Ensure leadership understands inspection timelines, operational impacts, and results. Coordinate periodic testing to evaluate the security posture of program systems. Ensure all system security-related vulnerabilities are documented and serious or unresolved violations are reported to the appropriate office. Review results with Kratos program leadership for possible remedies. Oversee the operation, maintenance, and disposition of program components. Provide guidance before purging and releasing program data. Oversee system backup and recovery processes to ensure secu ity features and procedures can be properly restored. Ensure they and any ISSOs under their purview are appointed in writing and assigned duties commensurate with their expertise. Ensure ISSOs under their purview receive the appropriate training to carry out their duties. Ensure the development and implementation of an effective information system security education, training, and awareness program. Ensure all security training is accomplished and documented. Ensure all users have the requisite security clearances, authorization, need-to-know, and awareness of their security responsibilities before granting access to program systems. Assume ISSO responsibilities in the absence of or if no ISSO is assigned to a system. Execute regular security self-inspections to maintain a good security posture. Oversee system security audits. Keyword: ISSM, cyber, cybersecurity, RMF, zero trust, CMMC Required Experience:

5-7 years cybersecurity experience. 3 years as an ISSM or equivalent duties in a supervisory capacity. Experience in TS//SCI environments. Required Qualifications: An in-depth knowledge of the DISA Risk Management Framework and the DAAPM. CISSP, CISM, or equivalent cybersecurity certification. Experience with eMASS, XACTA, or similar government systems of record. Familiarity with performance metrics and the ability to monitor and optimize operational efficiency. The ability to stay current on industry trends, emerging technologies, and regulatory changes to maintain the organizationis competitive edge. Demonstrated ability to manage risks and implement effective mitigation strategies. Able to clearly communicate technical concepts orally and in written forms to internal and external audiences. Comfortability with briefing large audiences. Active TS security clearance with SCI eligibility. Preferred Skills and Experience Experience with business continuity and disaster recovery planning (BC/DR). Familiarity with ACAS, Greylog, Nessus, Splunk or similar security tools.