Information Systems Security Manager (ISSM)

This position advertised has been exempted from the federal civilian hiring freeze.

Position Overview

This position advertised has been exempted from the federal civilian hiring freeze.

Current FBI employees are ineligible to apply if serving under the same conditions as that for which is advertised, including:

• Appointing organization (FBI)
• Type of position (full-time, part-time, etc.)
• Same or higher grade
• Duty location (city or state)
• Type of appointment (permanent, temporary, etc.)
  
  

Job Opening: 63626

Opening Date: March 24, 2026

Closing Date: Online applications must be received before 11:59 p.m. on April 7, 2026, or when 150 applications are received, whichever comes first.

Job Title

Information System Security Manager

IT Specialist (ITS)- official FBI position title and career ladder

Full Performance Level GS--14

Division Office of the Chef Information Officer (OCIO)

Unit Cybersecurity Risk Management (CRMU)

Location Washington, DC; Quantico, VA; Clarksburg, WV; Huntsville, AL

Working Hours 8:00am-4:30pm (Flexible)

Job Type Full Time/Permanent

Who May Apply All U.S. Citizens

Number of Positions Available 4

Questions Email: HRS Mary Arbelo at marbelo@fbi.gov

Salary

GS-13 $90,925.00.00--$118,204.00

GS- 14 $107,446.00--$139,684.00

• Locality pay depends on selectee's location preference
  
  

To attract and retain highly qualified candidates, selectees may be eligible for a recruitment incentive of up to 20% or, for eligible current federal employees, a relocation incentive of up to 15%. Eligibility for a relocation incentive requires proof of a change in residence and an assignment at a worksite in a different geographic area greater than or equal to 50 miles from the prior worksite. Employees must sign a written service agreement completing a specified period of employment with the FBI at the new duty station. Recruitment and relocation incentives cannot be combined.

Additional selections may be made from this announcement to fill positions within the same division when the position includes substantially the same duties, responsibilities, and qualifications.

Job Summary

This position serves as an Information Systems Security Manager (ISSM) within the Cybersecurity Risk Management Unit (CRMU), part of the Enterprise Cybersecurity Section (ECS) in the Office of the Chief Information Officer (OCIO). CRMU is responsible for managing and executing the FBI’s Security Assessment and Authorization (SAA) process and ensuring that every FBI information system maintains a valid Authorization to Operate (ATO).

As an ISSM, you will oversee a portfolio of FBI IT systems, provide strategic security oversight and ensure compliance with federal cybersecurity policies and risk management frameworks. You will lead and coordinate a team of contractor personnel, guide system owners through the SAA lifecycle, and ensure that security controls are properly implemented, assessed, and documented. This role is critical to safeguarding FBI mission systems and maintaining the integrity of enterprise cybersecurity operations.

Key Requirements

• Must be a U.S. citizen
• Must be able to obtain a Top Secret-SCI clearance
  
  

PHYSICAL DEMANDS

The work is sedentary. No special physical demands are required to perform the work. Some travel may be required.

WORK ENVIRONMENT

The work is performed in a typical office setting. Special safety precautions are not required.

Gs-13

MAJOR DUTIES:

• Assist System Owners, Program Managers, and ISSOs with Security Assessment and Authorization (A&A) activities and RMF documentation requirements.
• Apply federal cybersecurity standards and guidance, including NIST SP 800-53 Rev. 5, NIST SP 800-53A, and FISMA requirements.
• Conduct security control assessments, compliance monitoring, and vulnerability tracking in support of system authorization and continuous monitoring programs.
• Support risk remediation activities, including tracking and resolving security findings through Plan of Action and Milestones (POA&M).
• Coordinate with system stakeholders on configuration management, change management activities, and Configuration Control Board (CCB) participation.
• Provide cybersecurity recommendations and guidance to ISSMs, ISSOs, and system stakeholders regarding compliance requirements, security controls, and risk mitigation actions.
  
  

GS-14 (In Addition To The Above)

• Serve as a senior cybersecurity advisor to leadership, providing recommendations regarding system authorization decisions, risk posture, and security control implementation.
• Lead Security Assessment and Authorization (A&A) activities and coordinating with System Owners, ISSOs, and Authorizing Officials to obtain and maintain Authority to Operate (ATO).
• Apply and interpret federal cybersecurity standards and policies, including NIST SP 800-53 Rev. 5, NIST SP 800-53A, FISMA, CNSS, and Intelligence Community security guidance.
• Manage continuous monitoring programs, including vulnerability management, configuration baseline compliance, and remediation tracking through Plan of Action and Milestones (POA&M).
• Coordinate cybersecurity activities across multiple systems or projects simultaneously, ensuring compliance with security policies and operational priorities.
• Provide strategic cybersecurity guidance and technical recommendations to senior leaders and stakeholders regarding security engineering initiatives, risk mitigation strategies, and system authorization status.
  
  

Qualifications And Evaluations

Please ensure that your specialized experience and requirements are clearly identifiable in your resume. Your application will be evaluated using the FBI’s Candidate Rating Procedures. Your resume and supporting documents will be reviewed to verify that you meet the job qualifications listed in this announcement. Applicants must meet the qualification requirements by the closing date of this announcement.

If you are found minimally qualified, your application will move forward to additional phases of the review process.

The five competencies will be used in a Structured Resume Review to objectively evaluate applicant resumes. Do not provide a separate narrative written statement. Rather you must describe in your resume how your past work experience demonstrates that you possess the competencies identified below. Your resume should demonstrate that you possess the following competencies.

Competencies

• Communication

Discover our full range of relocation jobs with comprehensive support packages to help you relocate and settle in your new location.

• Flexibility/Adaptability
• Organizing and Planning
• Information Management
• Technology Awareness
  
  

Specialized Experience (SE)

GS-13: Applicant must possess at least one (1) year of SE equivalent to the GS-12 grade level. SE is defined as follows:

• Hands-on experience supporting cybersecurity compliance and RMF authorization activities for information systems. Supporting implementation of the NIST Risk Management Framework (RMF) for federal information systems, including documentation, control implementation, and authorization support.
• Knowledge of, and experience working with, the Risk Management Framework (RMF) process, either as an ISSO, ISSE, ISSR or another role.
• Knowledgeable of assessing the security controls in Federal Information Systems NIST SP 800-53A.
• Ability to coordinate, prioritize and monitor work, including across multiple projects.
• Experience in providing recommendations to senior ISSM’s, ISSO’s, and ISSM Team on security and engineering projects and initiatives.
  
  

GS-14: Applicant must possess at least one (1) year of SE equivalent to the GS-13 grade level. In addition to the above, SE is defined as follows:

• Advanced experience leading cybersecurity risk management and authorization activities for federal information systems, lifecycle, including system categorization, security control selection, implementation, assessment, authorization, and continuous monitoring.
• Leading Security Assessment and Authorization (A&A) activities and coordinating with System Owners, ISSOs, and Authorizing Officials to obtain and maintain system authorization.
• Knowledgeable of the Risk Management Framework NIST Special Publication 800-53 Rev5, FISMA, and its implementation through NIST, CNSS, IC and other government standards
• Knowledgeable of assessing the security controls in Federal Information Systems NIST SP 800-53A.
• Ability to coordinate, prioritize, and monitor work across multiple projects; in addition to providing guidance and recommendations on security and engineering projects and initiatives to leadership.
  
  

Desired Skills

Desired skills are NOT mandatory and will NOT be utilized to minimally qualify applicants. Desired Skills are:

• Excellent customer service mindset and reputation.
• Experience communicating in writing and orally.
• Preferred certification in one or more cybersecurity disciplines (e.g., CISSP, CISM, CCSP, NCSF, etc.)
• Preferred prior architecture / systems engineering experience.
• Preferred prior network, cloud system, and application development experience.
  
  

How To Apply

For detailed instructions related to applying, uploading documents, withdrawing an application or updating your application, please review instructions on How to Apply . If applying online is a hardship, please use the contact information listed in the vacancy announcement prior to the closing date for assistance.

Required Documents

Interested in relocating to United State? Check out our comprehensive Relocation Jobs in United State page with detailed relocation packages and benefits.

To apply to this position, interested applicants must provide a complete application package by the closing date which includes:

• Utilizing the Resume Builder, outline your relevant work experience and associated start and end dates. Uploaded resumes will not be reviewed or used for qualification purposes.
• Other supporting documents (if applicable):
• College transcripts, if qualifying based on education or if there is a positive education requirement
• Former civilian Federal employees must submit a copy of your MOST RECENT SF-50 (Notification of Personnel Action) showing your tenure, grade and step, salary, and type of position occupied (i.e., Excepted or Competitive); or similar Notification of Personnel Action documentation, i.e., Transcript of Service, Form 1150, etc. This is a requirement to verify your Time in Grade (TIG). Actions such as promotion, within grade increase, or reassignment actions must be submitted as your most recent SF 50.
• Most recent Performance Appraisal; not applicable to current FBI employees Veterans: DD 214; Disabled Veterans: DD 214, SF-15, and VA letter dated 1991 or later
• Memorandum for Record (MFR): Work performed outside assigned duties (that would not normally be documented on an SF-50, i. e., back-up duties), has to be documented in detail by an immediate supervisor in order to receive full credit for amount of time worked in that position. If no documentation is furnished no credit will be given for time worked in that position. The following notations must be specified in the documentation:
• Percent of time worked in the particular position (cannot conflict with main duties.
• The month/year work began Frequency worked (i.e., daily, monthly, etc.)
• Specific duties performed
  

Attach the Memorandum for Record to your application in the “Cover Letters and Attachments” section of My Career Tools on the Careers Home page. Please upload the attachment as type “Other.”

While applicants might see these documents in their profile, HR Specialists may be unable to access them. Therefore, all applicants MUST upload another copy to ensure that staffing units can review the complete application.

Please note: Failure to provide the necessary and relevant information required by this vacancy announcement may disqualify you from consideration. Incomplete applications will not be supplemented with additional requests for information; your application will be evaluated solely on the information you submit. You must complete the application process and submit all required documents by 11:59 p.m. (ET) on the announcement’s closing date.

What To Expect Next

Once your complete application is received, we will conduct an evaluation of your qualifications and determine your ranking. The Most Competitive candidates will be referred to the hiring manager for further consideration and possible interview. You will be notified of your status throughout the process.

Additional Information

• The FBI is in the Executive Branch of the federal government. It is one of the components of the Department of Justice (DOJ). The FBI is the principle investigative arm of the DOJ. All FBI positions are in the excepted service.
• Applicants must be U.S. citizens and consent to a complete background investigation, urinalysis, and polygraph. You must be suitable for Federal employment; as determined by a background investigation.
• Positions with fitness for duty requirements or those that require international travel may require proof of certain vaccinations.
• Management may select any grade for which this position has been announced.
• Identification of promotion potential in this announcement does not constitute a commitment or an obligation on the part of management to promote the employee selected at some future date. Promotion will depend upon administrative approval and the continuing need for an actual assignment and performance of higher-level duties. If you are selected, you will be required to serve a two-year probationary period. Probationary employees are precluded from being considered for all job opportunities until 12-months of their 24-month probationary period has concluded. Probationary Employees may be considered for competitive vacancies that are advertised within their respective division or field office after serving 90 days within the FBI.
• The probationary periods will be served concurrently.
  
  

Veterans' Preference

If you are entitled to veterans' preference, you should indicate the type of veterans' preference you are claiming on your resume and application. Your veterans' preference entitlement will be verified by the employing agency.

Nepotism

Nepotism is the act of favoring relatives in the hiring process and is prohibited by law. Public officials are prohibited from hiring or promoting relatives or relatives of officials in their chain of command, as well as actively or indirectly endorse a relative’s appointment or promotion. During the hiring process, all selected candidates and FBI hiring managers will be required to certify they are not related to anyone involved in the hiring process.

Reasonable Accommodation

The FBI provides reasonable accommodations to qualified applicants with disabilities. If you require a reasonable accommodation during the application and/or hiring process, please contact the Office of Equal Employment Opportunity Affairs (OEEOA) Reasonable Accommodation (RA) Program by email at REASONABLE_ACCOMMODA@fbi.gov, phone at 202-324-2158, or fax at 202-324-3976. This email address is for reasonable accommodation requests only. Do not send applications or unrelated inquiries to this address, as they will not be considered.

Equal Employment Opportunity

The FBI is an Equal Opportunity Employer, and all qualified applicants will receive consideration for this vacancy. Unless explicitly authorized by law, selection will be made without regard to, and there will be no discrimination because of, color, race, religion, national origin, marital status, parental status, physical or mental disability, genetic information, age (40 or over), sex, pregnancy and related conditions, or on the basis of personal favoritism, or any other non-merit factors.

Benefits

The Bureau matches your dedication with a commitment to professional growth, a supportive work environment, and a robust benefits package that prioritizes you. As a member of our team, you’ll enjoy comprehensive health and life insurance benefits, paid vacation, sick leave, and federal holidays. For more details about benefits available to all federal employees, visit the Office of Personnel Management’s website .