Information Security Manager

Title: Information Security Manager

Location: Pensacola, FL (Onsite)

Clearance: Secret

Start: Based on Contract Award

Foxhole Technology provides robust cybersecurity and IT support capabilities for federal civilian and defense agencies. A recognized leader in navigating technology and security challenges, Foxhole delivers mission-focused innovations to answer evolving and complex needs. Our talented employee-owners provide agile, scalable services and solutions that solve operational gaps, operate critical systems, and protect and secure the enterprise - across the organization and around the world.

Foxhole Technology is seeking an experienced Information Security Manager to lead a team of information assurance professionals and support a critical Government program. In this role, you will ensure the confidentiality, integrity, and availability of program assets, data, and services throughout their lifecycle. The Information Security Manager will oversee the development, documentation, and maintenance of a comprehensive Information Security Plan, adhering to DoD and DISA standards, while ensuring compliance with Assessment & Authorization (A&A) and the Risk Management Framework (RMF).

Team Leadership:
• Manage and lead an Information Assurance team and a suite of cybersecurity requirements.
• Train Information Systems Security Engineers (ISSEs) to enhance the security posture of both unclassified and classified environments through automation.
• Optimize the use of approved security software, including Tenable/Nessus, Trellix, Tanium, Forescout, and Splunk.
• Security Program Management:
• Develop and maintain the program's Information Security Plan in alignment with Government policies.
• Oversee the categorization and assignment of security controls in Enterprise Mission Assurance Support Service (eMass).
• Create and maintain A&A packages, ensuring compliance with DoD and DISA policies.
• Manage inherited security controls, Plan of Action and Milestones (POA&M), and all system documentation in eMass.
• Support processes for achieving and maintaining Authority to Operate (ATO) approvals.
• Risk Mitigation and Compliance:
• Consistently provide risk mitigations for open vulnerabilities in complex networks, offering actionable insights to leadership.
• Ensure compliance with Security Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alerts (IAVA), and Continuous Monitoring and Risk Scoring (CMRS).
• Oversee security incident response activities in compliance with Cybersecurity Service Provider (CSSP) requirements.
• Manage scanning and compliance activities using tools like Assured Compliance Assessment Solution (ACAS) and ensure effective vulnerability remediation.
• Technical Oversight:
• Implement tools and procedures to ensure confidentiality, integrity, and availability across agency software, hardware, and networks.
• Protect agency networks, systems, and devices from threats, intrusions, and denial-of-service attacks.

• Minimum Security Clearance: Active Secret clearance.
• Education: Bachelor's degree in a related field (or equivalent experience)
• Minimum of 7-10 years of experience in information security, including 5 years in a leadership role.
• Proven expertise in Risk Management Framework (RMF), A&A processes, and eMass.
• Demonstrated success in leading teams and managing complex cybersecurity programs.
• Track record of managing ATO processes, POA&M development, and vulnerability remediation.
• Expertise in STIG implementation, COMSEC, SIEM solutions, and cybersecurity incident response.
• Strong knowledge of Linux, Windows environments, and scripting (e.g., PowerShell).
• Experience with vulnerability scanning tools like ACAS and vulnerability management frameworks.
• Hands-on experience with security tools such as Tenable/Nessus, Splunk, Tanium, Trellix, and Forescout.
• Strong leadership and team collaboration skills.
• Excellent communication and coordination abilities with Government and cross-functional teams.

Requirements of position: Think analytically, effective verbal and written communication skills, make decisions, observe/remember details, interpret data, concentrate on tasks, adjust to change, handle stress/emotions. Regular attendance, maintain work schedule, attend meetings, meet deadlines, keyboard/type, handle confidential information, use math/calculations, stay organized, operate office equipment, may direct others. Must be able to see, have eye/hand coordination, and lift up to 10 lbs. May be exposed to dust/dirt, humidity, and noise.

Foxhole Technology is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law.