**This Position is Contingent on Contract Award**Description: Columbia Technology Partners is seeking an Information Systems Security Officer (ISSO) to support the security and compliance posture of information systems, programs, and enclaves across mission-critical environments. The ideal candidate will assist with the implementation and enforcement of information security policies, support Risk Management Framework (RMF) activities, maintain operational security compliance, and ensure systems adhere to established security requirements. This role provides opportunities to support or lead security operations, authorization activities, configuration management, and information assurance initiatives while working closely with Information System Security Managers (ISSMs), engineers, administrators, and government stakeholders.
Key Responsibilities - ISSO Level 2: - Implement, coordinate, and enforce information systems security policies, standards, and methodologies.
- Maintain the operational security posture of information systems and ensure compliance with applicable security requirements.
- Support security authorization activities in accordance with NIST Risk Management Framework (RMF) requirements.
- Develop, maintain, and review security documentation, including System Security Plans (SSPs), Risk Assessment Reports, Certification & Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
- Evaluate security solutions to ensure compliance with requirements for processing classified information.
- Assist with vulnerability assessments, risk assessments, and security impact analyses.
- Administer user identification and authentication mechanisms for assigned systems.
- Maintain configuration management for security-relevant hardware, software, and firmware.
- Manage and assess system changes to determine security impacts.
- Maintain records for information systems and security-related assets, including upgrades and modifications.
- Support the ISSM in maintaining the appropriate information assurance posture for systems, programs, and enclaves.
- Perform day-to-day security operations and assist with the management of security aspects of assigned systems.
Additional Responsibilities - ISSO Level 3: In addition to the responsibilities above, ISSO 3 candidates will:
- Lead information assurance activities for assigned programs, systems, or enclaves.
- Serve as an Information System Security Manager (ISSM) when required.
- Provide daily oversight, guidance, and direction to contractor ISSOs.
- Serve as the Approval Authority for information systems under their control.
- Lead the planning, coordination, and implementation of security programs and policies.
- Interact directly with customers, IT staff, program leadership, and senior executives to define and achieve Information Assurance objectives.
- Oversee certification and accreditation efforts for assigned systems.
- Provide strategic guidance on system security posture, compliance, and risk management activities.
- Ensure security requirements are incorporated into operational and organizational objectives.
Qualifications - ISSO Level 2: - Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related discipline from an accredited college or university.
- Ten (10) years of experience as an Information Systems Security Officer supporting programs and contracts of similar scope, type, and complexity.
- Four (4) additional years of ISSO experience may be substituted in lieu of a bachelor's degree.
- DoD 8570 compliance with Information Assurance Management (IAM) Level I or higher is required.
- Experience in at least two (2) of the following areas:
- Security tools and technologies
- Hardware and software security implementation
- Communication protocols
- Encryption techniques and technologies
Additional Qualifications - ISSO Level 3: - Fifteen (15) years of experience as an Information Systems Security Officer supporting programs and contracts of similar scope, type, and complexity.
- Experience in at least three (3) of the following areas:
- Security tools and technologies
- Hardware and software security implementation
- Communication protocols
- Encryption techniques and technologies
Preferred Qualifications: - Experience supporting NIST RMF, security authorization, continuous monitoring, and compliance initiatives.
- Experience developing and maintaining SSPs, C&A packages, risk assessments, and related security documentation.
- Experience supporting classified environments and implementing security controls for government information systems.
- Knowledge of vulnerability management, configuration management, and security impact analysis processes.
- Experience working closely with ISSMs, system administrators, engineers, and government stakeholders in secure mission environments.
Requirements: - U.S. Citizenship is required for all applicants. CTP is an equal opportunity employer and abides by applicable employment laws and regulations. All applicants and employees are subject to random drug testing in accordance with Executive Order 12564. Employment is contingent upon successful completion of a security background investigation and polygraph.
- Certification Requirements:
This position requires an active Security Clearance with appropriate Polygraph.CTP was voted one of the top 25 best places to work in Baltimore by Baltimore Magazine!