Information System Security Manager (ISSM)

Decision Technologies seeks a qualified Information System Security Manager (ISSM) to join our team in Austin, TX.   

Position Description:

ISSM with a proven record of reducing enterprise risk and strengthening security posture through advanced Microsoft security ecosystems, SIEM optimization, and strategic technology planning. Implement and managean Intune, Sentinel, Defender, and automated patching solutions. Must be an expert in incident response, threat hunting, and forensic analysis using Sentinel and Splunk. Skilled in developing IT roadmaps, enforcing compliance with NIST, FISMA, HIPAA, PCI, and CUI/ITAR requirements, and integrating FedRAMP‑authorized technologies. Adept at continuous monitoring, DLP implementation, executive‑level SIEM reporting, and enterprise risk mitigation.​

MUST HAVE Secret Security Clearance

Responsibilities and Duties:

• Developed, implemented, and managed enterprise security strategies resulting in a 30% reduction in security incidents over two years, utilizing Microsoft Intune (Kusto), Sentinel, and Defender.
• Spearhead incident response and forensic investigations with Sentinel and Splunk, successfully mitigating high-prioritytwo years breaches.
• Develop a strategic IT roadmap addressing future technological needs, emerging security threats, and regulatory compliance.
• Design and implement patch management tools to incorporate all users, reducing Attack Surface Area with Intune and Windows Automatic Update tool.
• Leverage Defender for Cloud to reduce Attack Surface Reduction and increase security in depth.
• Ensure compliance with regulations like NIST 800-53, NIST 800-171, FISMA, or other relevant cybersecurity frameworks.
• Assess and procure IT products compliant with CUI and ITAR regulations, ensuring seamless integration with FedRAMP marketplace solutions.
• Create, Implement, and Continuous Monitor of Sentinel to verify Risk Management, Threats, Vulnerabilities, Network and Device security, and any configuration changes.
• Integrate workbooks with Sentinel to provide a SIEM for C Suite members during on-site visits and show utilization of security events being collected and analyzed.
• Implement Data Loss Prevention with Labels in Intune to validate security compliance with HIPAA, NIST, PCI, PII and CUI.
• Identify potential risks, developed mitigation strategies, and established contingency plans for enterprise IT systems.

Required Qualifications and Skills:

·       3 to 5 Years of experience as an ISSM

·       Bachelor’s degree from an developaccredited University or CNSSI 4012 certificate or ADQ GA7

·       Completion of one of the following

o   NEC 2779 (CIN: A-531-0009)

o   NEC 3372 (CIN W-3B-1500, EKMS Manager)

o   A-4C-1340 (KMI)

Desired Qualifications:

·       CompTIA CISSP or CASP

·       Understanding of NIST 800-53 Controls

·       Knowledge with DOD eMASS database.

·       Familiarity with STIG Viewer and eMASS software programs,

Travel Requirements:

·       Less than 10%.

Compensation: 

Compensation at Decision Technologies, Inc. is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements.

Employee Benefits:

• Competitive Paid Time Off

• Comprehensive Medical, Dental and Vision Insurance

• Employee Assistance Programs

• Flexible Spending Accounts (Medical, Dependent Care & Commuter)

• Company paid Short Term, Long Term, Life and AD&D Insurance

• 401(k) match

• Tuition Reimbursement

• Paid Certifications

Decision Technologies, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. 

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.