Information Systems Security Officer II/III

XSITE LLC

$95K — $141K *
Aerospace & Defense
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in a relevant technical or managerial field or equivalent cyber experience.
  • 3-10 years of experience in cybersecurity and information assurance roles.
  • Experience with RMF, A&A lifecycle, and DoD information system security.
  • Skilled in preparing and reviewing cybersecurity compliance documentation.
  • Proficient with information assurance tools like eMASS and ACAS/Nessus.
  • Active U.S. Secret clearance preferred; required clearance must be obtained.
  • Excellent communication skills for coordinating with diverse teams.

Responsibilities

  • Support Risk Management Framework (RMF) and cybersecurity compliance activities for Navy/DoD systems.
  • Develop and maintain key cybersecurity documentation for assessments and authorizations.
  • Conduct continuous monitoring and security reviews to uphold system integrity.
  • Collaborate with technical and governmental stakeholders on risk management processes.
  • Document and assist in remediating identified cybersecurity vulnerabilities.
  • Utilize cybersecurity tools to manage system security and compliance requirements.
  • Aid in configuration management to evaluate cybersecurity impacts of system changes.

Benefits

  • Hybrid/remote work flexibility.
  • Opportunities for professional development in cybersecurity.
  • Collaborative environment with exposure to Navy/DoD initiatives.
  • Potential for significant career growth within the defense sector.
Full Job Description
Position: Information Systems Security Officer (ISSO)
Level: Mid to Senior
Location: San Diego, CA (Hybrid/Remote Considered)
Telework: Hybrid remote/onsite, with typical set schedule at Government facility
Travel: Less than 10%
Salary: $95,000-$141,000, depending on experience, clearance, certifications, and contract requirements

Responsibilities of this position include, but are not limited to:
  • Support Risk Management Framework (RMF), Assessment & Authorization (A&A), and Authorization to Operate (ATO) activities for Navy/DoD information systems.
  • Develop, review, maintain, and update cybersecurity documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action & Milestones (POA&Ms), Security Categorization documentation, Privacy Impact Assessments, and related A&A artifacts.
  • Support continuous monitoring, annual security reviews, control validation, and audit-readiness activities.
  • Coordinate with system owners, engineers, administrators, Security Control Assessors, Authorizing Officials, and other stakeholders to support cybersecurity compliance and risk management.
  • Track, document, and support remediation of vulnerabilities, STIG findings, POA&M items, and other cybersecurity risks.
  • Use cybersecurity and information assurance tools such as eMASS, ACAS/Nessus, STIG Viewer, and related DoD/Navy systems as required.
  • Support configuration management and baseline change activities to ensure cybersecurity impacts are identified, documented, and addressed.
  • Assist with cybersecurity inputs for system changes, boundary updates, hardware/software lists, network diagrams, and authorization packages.
  • Maintain awareness of applicable DoD, Navy, and federal cybersecurity policies, including RMF, NIST SP 800-53, DoDI 8510.01, and DoD 8140/8570 workforce requirements.

Required Qualifications:
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, Mathematics, Business, Management, or a related technical or managerial field preferred. Additional relevant cybersecurity, military, Navy, RMF, A&A, or information assurance experience may be considered in lieu of degree.
  • 3-10 years of practical experience in cybersecurity, information assurance, engineering, test and evaluation, RMF, A&A, C&A, or related information system security support.
  • Experience supporting RMF, A&A, ATO lifecycle, cybersecurity compliance, or Navy/DoD information system security activities.
  • Experience preparing, maintaining, or reviewing cybersecurity artifacts and compliance documentation in support of ATO requirements.
  • Experience with Information Assurance tools such as eMASS and ACAS/Nessus.
  • Working knowledge of RMF, ATO requirements, POA&M tracking, vulnerability management, security controls, and information system security posture maintenance.
  • Active U.S. Secret clearance preferred; ability to obtain and maintain required clearance is required.
  • Strong written and verbal communication skills, with the ability to coordinate across technical teams, Government stakeholders, and program leadership.

Preferred Qualifications:
  • Prior experience supporting PMW/A 170, PEO C4I, NAVWAR, NIWC, Navy PNT systems, or other Navy C4I/cybersecurity programs.
  • Current DoD 8140/8570-compliant certification such as Security+, CAP, CASP+, CISSP, CISM, GSLC, or equivalent.
  • Experience supporting classified and/or mission-critical Navy or DoD systems.
  • Experience with POA&M management, vulnerability remediation coordination, annual security reviews, continuous monitoring, and ATO sustainment.
  • Familiarity with CYBERSAFE, Cross Domain Solution documentation, Navy authorization packages, or Security Control Assessor coordination.
  • Experience supporting system boundary validation, hardware/software baselines, configuration control, or Baseline Change Requests.

Please note: This position is contingent upon contract award and Government approval. XSITE is proactively building its candidate pipeline for an anticipated award expected within the next few weeks.

Similar Jobs

More Jobs at XSITE LLC

More Aerospace & Defense Jobs

Find similar Information Systems Security Officer II/III jobs: