Everforth ECS is seeking an
Information System Security Officer (ISSO) to work onsite at our
Ft. Meade, MD office.
Everforth ECS is seeking an experienced
InformationSystem Security Officer (ISSO) to support robust Impact Level (IL) 5 and IL6 programs in an operational DoW environment that houses multiple U.S. Coalition Mission Partner Environments (MPE).
This position is a demanding, high-energy role that requires strong cybersecurity judgement, attention to detail, and the ability to support authorization, compliance, and continuous monitoring activities across multiple enclaves in a dynamic Azure DoW environment. The ideal candidate has hands-on ISSO experience supporting classified DoW programs, a working knowledge of RMF and NIST 800-53 controls, and familiarity with cyber tools such as ACAS and Trellix. They are organized, proactive, comfortable collecting and validating security artifacts, and able to communicate clearly with both technical and non-technical stakeholders. The ISSO reports to the Senior Technical Program Manager.
Job Responsibilities:
- Support:
- ISSO activities for a DoD Azure environment, including RMF, ATO maintenance, continuous monitoring, and compliance documentation.
- Development and maintenance of ATO artifacts, including security plans, control evidence, vulnerability reports, diagrams, inventories, and risk documentation.
- Security control assessments, audit readiness, continuous monitoring reviews, and authorization package updates for classified systems.
- Develop, update, and track POA&Ms for vulnerabilities, STIG findings, control gaps, audit findings, and other security risks.
- Maintain eMASS records, including control implementation details, artifacts, POA&Ms, assessment results, risk documentation, and continuous monitoring evidence.
- Review and validate STIG artifacts submitted by engineers, including checklists, scan results, remediation evidence, mitigations, and closure documentation.
- Work with engineers, system administrators, cloud teams, and government stakeholders to validate findings, track remediation, and keep security documentation current.
- Administer and maintain ACAS, including Nessus scanners, plugin updates, troubleshooting credentialed scan issues, scan scheduling, and vulnerability reporting.
- Review ACAS scan results and prepare vulnerability reports, metrics, POA&M updates, and remediation tracking artifacts.
- Administer and support Trellix / ESS, including ePO policies, endpoint protection settings, agent health, alert monitoring, and reporting.
- Investigate Trellix endpoint alerts, suspicious activity, malware events, and agent issues; assist with tuning policies, exclusions, and alerting logic to reduce false positives while maintaining required security coverage.
- Assist with monitoring, configuring, and documenting alerts, incidents, dashboards, and security events in Microsoft Sentinel.
- Participate in cybersecurity status meetings, vulnerability reviews, POA&M reviews, and ATO-related coordination with government and contractor teams.
- Other duties, as assigned.
- U.S. Citizen.
- Active Secret clearance - TS/SCI preferred (Or ability to obtain)
- Active a DoD 8140 IAT Level II Security+ (or higher) active.
- Ability to work five days a week onsite at Fort Meade, MD.
- Experience supporting:
- DoD RMF, ATO maintenance, continuous monitoring, and security authorization documentation.
- vulnerability management activities using ACAS/Nessus.
- Hands-on experience with eMASS or similar RMF/GRC software, including control documentation, artifact management, POA&M tracking, and authorization package maintenance.
- Experience with:
- Creating, updating, and managing POA&Ms for vulnerabilities, STIG findings, audit findings, and NIST800-53 controls.
- Reviewing and validating DISA STIG artifacts and coordinating remediation activities with technical teams.
- Trellix endpoint/security tools.
- Familiarity with NIST SP 800-53 controls, DoD RMF processes, and cyber security assessment documentation.
- Practical understanding of secured IT infrastructure, particularly Windows, RHEL, and Azure environments, with the ability to evaluate how network, identity, server, endpoint, authentication, logging, and core service components affect security, compliance, and authorization posture.
- Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
- Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
