Senior DoD Information Systems Security Manager- RMF / Cloud SME

Tetrad Digital Integrity (TDI) is seeking a Senior DoD Information Systems Security Manager (ISSM) / RMF & Cloud SME who thrives in the arena—hands-on, technically deep, and ready to go head-to-head (consultatively) with senior government cyber experts.

This is not a typical ISSM role;  yuu’ll lead from the front on cloud-first, containerized systems with integrated Generative AI, drive ATO outcomes, and defend decisions with authority.

If you’re a roll-up-your-sleeves security leader who speaks RMF, NIST 800-53, Cloud SRG, Kubernetes / GKE, and AI risk in the same sentence—and you can craft rock-solid policies and compliance statements—this is your platform to make a name.

Join TDI’s Solutions team to set the bar for DoD cloud security and deliver mission-critical impact from day one.

RESPONSIBILITIES :

• High-Profile, out-front leadership and support of DoD RMF activities throughout all phases (categorization, control selection, implementation, assessment, authorization, and continuous monitoring).
• Provide expert guidance on DoD cloud security policies, NIST SP 800-53 controls, CNSS policies, and DoD-specific frameworks such as Cloud Computing SRG and AI-specific guidance.
• Conduct security architecture reviews and security engineering analysis for cloud-native and containerized workloads hosted in Google Cloud Platform.
• Evaluate security controls associated with Kubernetes, Docker, and container orchestration platforms within GCP.
• Assess security risks related to generative AI components, including large language models (LLMs) and AI / ML workloads, ensuring responsible and compliant use.
• Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), Plan of Action and Milestones (POA&Ms), and related RMF documentation.
• Perform threat modeling, vulnerability assessments, and risk analysis tailored to cloud environments and AI technologies.
• Interface with system architects, developers, and DevSecOps teams to integrate security throughout the Software Development Lifecycle (SDLC).
• Support security control assessments (SCAs) and coordinate with third-party assessors.
• Monitor, track, and report on security compliance posture through Continuous Monitoring (ConMon) processes.
• Minimal travel will be required.
QUALIFICATIONS :
• U.S.
• Citizenship with an active DoD Secret clearance (Top Secret preferred).
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Security certifications such as Certified Information System Security Professional (CISSP) or Certified Information System Manager (CISM). 15+ years of cybersecurity experience, with demonstrated experience supporting RMF activities for DoD systems.
• Working knowledge and application of concepts with cloud platforms.
• Google Cloud Platform (GCP), including IAM, VPC, Kubernetes Engine (GKE), and security-related services are preferable.
• Strong knowledge of containerized environments (e.g., Docker, Kubernetes) and container security best practices.
• Familiarity with Generative AI technologies, including LLMs and AI / ML security considerations.
• Deep understanding of NIST SP 800-53, DoD RMF, FedRAMP, and other relevant cybersecurity frameworks.
• Experience writing and maintaining RMF artifacts such as SSPs, POA&Ms, and SARs.
• Strong communication skills and ability to collaborate effectively with technical and non-technical stakeholders.
• Experience with security risk assessments in DoD or federal cloud environments.

PREFERRED QUALIFICATIONS :