Information Systems Security Manager II

{
  "content_hash": "634977b8002c2d1ef42d078fdb8bf926e4767317e96dc4d092198f8dfa1d90db",
  "source_hash": "ad56dd3eda7f0f2d4c4ed4985f5bb34ffcf28a2516794e85e7ecf7b65c85ea2d",
  "last_changed_at": "2026-06-18T08:29:26.859Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "Springfield, VA, US",
    "city": "Springfield",
    "region": "VA",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.8
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-18T08:29:26.817Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Springfield, VA, US",
      "city": "Springfield",
      "region": "VA",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.8
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": null,
  "workplace_type": null,
  "salary_currency": null
}

{}

{
  "json_ld": {
    "url": "https://careers-amyx.icims.com/jobs/4410/information-systems-security-manager-ii/job",
    "@type": "JobPosting",
    "title": "Information Systems Security Manager II",
    "@context": "http://schema.org",
    "datePosted": "2024-06-18T08:29:24.456Z",
    "description": "<h2>Overview</h2>\n<p>Amyx is seeking to hire a Information Systems Security Manager-Advanced to support our Cybersecurity Division in the NCE Springfield, VA area. Responsible for the cybersecurity of a program, organization, system, or enclave.</p>\n<h2>Responsibilities</h2>\n<ul>\n <li>Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.</li>\n <li> Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program.</li>\n <li>Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. </li>\n <li>Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements.</li>\n <li> Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture. </li>\n <li>Collect and maintain data needed to meet system cybersecurity reporting. </li>\n <li>Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.</li>\n <li> Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance. </li>\n <li>Ensure that security improvement actions are evaluated, validated, and implemented as required.</li>\n <li> Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment. </li>\n <li>Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).</li>\n <li> Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture.</li>\n <li> Establish overall enterprise information security architecture (EISA) with the organization's overall security strategy.</li>\n <li>Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.</li>\n <li> Evaluate cost/benefit, economic, and risk analysis in decision-making process.</li>\n <li> Identify alternative information security strategies to address organizational security objective. </li>\n <li>Identify information technology (IT) security program implications of new technologies or technology upgrades.</li>\n <li> Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information.</li>\n <li>Interpret and/or approve security requirements relative to the capabilities of new information technologies. </li>\n <li>Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.</li>\n <li>Lead and align information technology (IT) security priorities with the security strategy. </li>\n <li>Lead and oversee information security budget, staffing, and contracting. </li>\n <li>Manage the monitoring of information security data sources to maintain organizational situational awareness. </li>\n <li>Manage the publishing of Computer Network Defense guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports, </li>\n <li>Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection. </li>\n <li>Oversee the information security training and awareness program. </li>\n <li>Participate in an information security risk assessment during the Security Assessment and Authorization process.</li>\n <li>Participate in the development or modification of the computer environment cybersecurity program plans and requirements. </li>\n <li>Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.</li>\n <li> Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans. </li>\n <li>Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities. </li>\n <li>Provide system-related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents.</li>\n <li> Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to higher headquarters.</li>\n <li> Recognize a possible security violation and take appropriate action to report the incident, as required. </li>\n <li>Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.</li>\n <li> Recommend policy and coordinate review and approval.</li>\n <li> Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.</li>\n <li>Track audit findings and recommendations to ensure that appropriate mitigation actions are taken. Use federal and organization-specific published documents to manage operations of their computing environment system(s).</li>\n <li> Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals. </li>\n <li>Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies. </li>\n <li>Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk.</li>\n <li> Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements. </li>\n <li>Identify security requirements specific to an information technology (IT) system in all phases of the system life cycle. </li>\n <li>Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.</li>\n <li> Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals. </li>\n <li>Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).</li>\n <li> Participate in the acquisition process as necessary, following appropriate supply chain risk management practices. </li>\n <li>Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals. </li>\n <li>Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.</li>\n <li> Forecast ongoing service demands and ensure that security assumptions are reviewed as necessary.</li>\n <li> Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate. </li>\n</ul>\n<p> </p>\n<p>Microsoft Office Suites; SharePoint; Nessus, Xacta, ServiceNow, Archer, Assessment Tools</p>\n<h2>Qualifications</h2>\n<p>Required:</p>\n<ul>\n <li>Bachelor degree or higher from an accredited college or university (Recommend an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.)</li>\n <li>Clearance: TS/SCI</li>\n <li>DoD 8140 Certification: CISSP-ISSMP or GSLC</li>\n <li>Skill in creating policies that reflect system security objectives.</li>\n <li>Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.</li>\n <li>Skill in evaluating the trustworthiness of the supplier and/or product. Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. </li>\n <li>Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements). </li>\n <li>Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.</li>\n</ul>\n<p> </p>\n<p> </p>\n<p>Benefits include:</p>\n<ul>\n <li>Medical, Dental, and Vision Plans (PPO & HSA options available)</li>\n <li>Flexible Spending Accounts (Health Care & Dependent Care FSA)</li>\n <li>Health Savings Account (HSA)</li>\n <li>401(k) with matching contributions</li>\n <li>Roth</li>\n <li>Qualified Transportation Expense with matching contributions</li>\n <li>Short Term Disability</li>\n <li>Long Term Disability</li>\n <li>Life and Accidental Death & Dismemberment</li>\n <li>Basic & Voluntary Life Insurance</li>\n <li>Wellness Program</li>\n <li>PTO</li>\n <li>11 Holidays</li>\n <li>Professional Development Reimbursement</li>\n</ul>\n<p> </p>\n<p>Please contact [email protected] with any questions!</p>\n<p> </p>\n<p><strong>Amyx</strong> is proud to be an Equal Opportunity Employer.  All qualified candidates will be considered without regard to race, color, religion, national origin, age, disability, sexual orientation, gender identity, status as a protected veteran, or any other characteristic protected by law. Amyx is a VEVRAA federal contractor and we request priority referral of veterans.</p>\n<p><strong>Physical Demands</strong>Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.</p>",
    "directApply": true,
    "jobLocation": [
      {
        "@type": "Place",
        "address": {
          "@type": "PostalAddress",
          "postalCode": "22009",
          "addressRegion": "VA",
          "streetAddress": "UNAVAILABLE",
          "addressCountry": "US",
          "addressLocality": "Springfield",
          "postOfficeBoxNumber": "UNAVAILABLE"
        }
      }
    ],
    "validThrough": "2027-06-18T08:29:24.456Z",
    "employmentType": "FULL_TIME",
    "hiringOrganization": {
      "name": "Amyx, Inc.",
      "@type": "Organization",
      "sameAs": "www.amyx.com"
    },
    "occupationalCategory": "Cybersecurity"
  },
  "detail_meta": {
    "url": "https://careers-amyx.icims.com/jobs/4410/information-systems-security-manager-ii/job?in_iframe=1",
    "http_status": 200,
    "content_type": "text/html;charset=UTF-8",
    "response_bytes": 52622,
    "compact_response_bytes": 11885,
    "original_response_bytes": 52622
  },
  "sitemap_job": {
    "id": "4410",
    "url": "https://careers-amyx.icims.com/jobs/4410/information-systems-security-manager-ii/job",
    "slug": "information-systems-security-manager-ii",
    "lastmod": "2026-05-15T12:06:20-04:00"
  },
  "detail_errors": []
}