Skip to content

(704) Cybersecurity Information System Security Manager (ISSM)

Arlo Solutions LLCOrlando, FL, USJuly 14, 2026
On-site
Full-time
GRC
Management

Company Summary

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future. 

Position Description:

Arlo Solutions is seeking an experienced Information System Security Manager (ISSM) to support a U.S. Army customer in Orlando, Florida. This is a full-time on-site position responsible for managing the cybersecurity posture and Risk Management Framework (RMF) lifecycle for approximately 3–7 Army Information Systems supporting missions ranging from Controlled Unclassified Information (CUI) through classified environments. The ISSM serves as the primary cybersecurity advisor for assigned systems and is responsible for ensuring compliance with DoD RMF, Army Regulation (AR) 25-2, and U.S. Army NETCOM RMF policies, processes, and business rules. The position requires close coordination with Government leadership, Program Managers, Information System Owners, Security Control Assessors, engineers, and Authorizing Officials to maintain secure, compliant, and operationally ready systems throughout their lifecycle.

Location:  Onsite:  US ARMY, Orlando FloridaClearance:  Active Top Secret Security Clearance (SCI eligibility preferred)

**
Responsibilities and/or Success Factors:**

  • Serve as the Information System Security Manager (ISSM) for 3–7 assigned Army Information Systems.
  • Lead all phases of the DoD Risk Management Framework (RMF) lifecycle in accordance with NETCOM RMF guidance.
  • Develop, maintain, and manage Authorization Packages, including SSPs, POA&Ms, Security Categorization, Continuous Monitoring documentation, and supporting Body of Evidence.
  • Coordinate Authorization to Operate (ATO), Interim Authorization to Test (IATT), Authorization to Operate with Conditions (ATO-C), and reauthorization activities.
  • Manage Continuous Monitoring (ConMon) activities, vulnerability management, STIG compliance, ACAS review, and cybersecurity reporting.
  • Conduct cybersecurity risk assessments and recommend mitigation strategies supporting Authorizing Official (AO) risk decisions.
  • Coordinate Security Control Assessments (SCA) and remediation of assessment findings.
  • Review system architecture, authorization boundaries, network diagrams, data flows, and system changes to ensure continued compliance. 
  • Manage Plans of Action & Milestones (POA&M) and track corrective actions through closure.
  • Provide cybersecurity guidance to system owners, engineers, administrators, and Government leadership.
  • Prepare and brief cybersecurity status, risks, and authorization recommendations to senior Government stakeholders.
  • Support implementation of Zero Trust Architecture (ZTA), cloud security, and secure system engineering principles where applicable.

**
Minimum Qualifications Including Certificates:**

  • Active Top Secret Security Clearance (SCI eligibility preferred)
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or related field (or equivalent experience) 
  • Minimum 8 years supporting DoD cybersecurity program
  • Minimum 5 years supporting DoD RMF and Assessment & Authorization activities
  • Experience supporting U.S. Army or other DoD cybersecurity programs
  • Experience managing multiple RMF authorization packages simultaneously
  • Excellent written, verbal, and presentation skills 
  • Candidates should meet applicable DoD 8140 Cyber Workforce Qualification requirements.

Preferred certifications include one or more of the following: 

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • CompTIA CASP+
  • Certified Cloud Security Professional (CCSP)

Desired Qualifications: 

Required Knowledge & Experience The successful candidate should possess experience with:

  • Department of Defense Risk Management Framework (RMF)
  • U.S. Army RMF implementation
  • NETCOM RMF Business Rules and authorization processes 
  • Continuous Monitoring (ConMon) • Vulnerability Management
  • Security Control implementation 
  • Security Assessments and Authorization (A&A)
  • System Security Plans (SSP)
  • POA&M management • Security documentation development
  • Cybersecurity governance and compliance
  • eMASS, Xacta, or equivalent GRC tools
  • Microsoft Windows, Linux, virtualization, and enterprise networking
  • Cloud environments supporting FedRAMP and DoD Cloud SRG (preferred) Minimum Qualifications

AAP Statement

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.

Job Details

Experience

Management

Tools & Tech

Linux
Windows

Preferred Certs

CCSP
CISM
CISSP
CASP+