All hired employees are expected to have experience with Microsoft Copilot and / or an approved equivalent AI solution.DescriptionData Systems Analysts, Inc. (DSA) is seeking a TS/SCI cleared Information System Security Officer (ISSO), Network Security to support enterprise network systems in a secure DoD environment. The Network ISSO will support cybersecurity compliance, Risk Management Framework (RMF), vulnerability management, DISA STIG validation, continuous monitoring, and authorization sustainment for Cisco based network infrastructure.
The Network ISSO will work closely with network engineers, cybersecurity staff, ISSMs, ISSEs, system owners, and mission partners to ensure network systems remain secure, compliant, documented, and operationally effective. This role is suited for a technical ISSO with experience in RMF, ACAS, eMASS, POA&Ms, firewall rule reviews, ports and protocols, vulnerability remediation, and secure network operations.
This position is onsite in Charlottesville, VA.
Responsibilities- Support cybersecurity compliance, risk management, and continuous monitoring for enterprise network systems.
- Review and validate security configurations for Cisco routers, switches, firewalls, and related network infrastructure.
- Support DISA STIG validation, SCAP benchmarks, security baselines, and device hardening requirements.
- Conduct, review, and validate vulnerability scans using ACAS, Tenable Nessus, STIG Viewer, and other approved DoD tools.
- Analyze vulnerability findings, identify false positives, document risk, and coordinate remediation with network engineering teams.
- Develop and maintain RMF documentation including SSPs, POA&Ms, Continuous Monitoring artifacts, hardware and software inventories, network diagrams, and control implementation details.
- Support ATO package development, renewal, extension, audit readiness, and authorization sustainment activities.
- Review firewall rules, access control lists, ports, protocols, services, VPN connections, network flows, and boundary protection controls.
- Support change control reviews by assessing network changes for cybersecurity, RMF, documentation, and compliance impacts.
- Monitor compliance through eMASS, ACAS, STIG Viewer, vulnerability management tools, and other approved DoD systems.
- Support incident response activities by reviewing network related alerts, logs, firewall events, syslog data, authentication events, and corrective actions.
- Prepare security status updates, vulnerability summaries, POA&M updates, compliance reports, and risk briefings for stakeholders and leadership.
Required Education, Certifications and Security Clearance- BS degree in Engineering, Computer Science, or related field
- Experience may be substituted for degree.
- TS/SCI Clearance
- DoD 8140 (8570) IAT Level II Certification
- CCNA certification
Requirements Experience/Qualifications- Minimum 4 years of experience supporting cybersecurity, information assurance, network security, RMF, vulnerability management, or secure infrastructure operations.
- Experience supporting cybersecurity activities within the DoD, Intelligence Community, or other secure enterprise environment.
- Demonstrated understanding of DoD cybersecurity policy, RMF lifecycle, continuous monitoring, and authorization sustainment.
- Experience developing or maintaining SSPs, POA&Ms, Continuous Monitoring documentation, control implementation details, and authorization artifacts.
- Familiarity with eMASS for control tracking, package updates, risk documentation, and authorization maintenance.
- Hands on experience with ACAS, Tenable Nessus, STIG Viewer, SCAP, or vulnerability management processes.
- Experience reviewing, validating, or remediating vulnerability findings for network devices or supporting infrastructure.
- Experience applying or validating DISA STIGs, secure configuration baselines, and hardening guidance.
- Working knowledge of Cisco routers, switches, firewalls, Cisco ASA, Cisco Firepower, Cisco Secure Firewall, Cisco ISE, Catalyst, Nexus, ISR, or ASR platforms.
- Working knowledge of routing, switching, VLANs, ACLs, firewall policies, ports, protocols, VPNs, IPsec, NAT, DNS, DHCP, subnetting, logging, and boundary protection.
- Ability to review network diagrams, firewall rule sets, data flows, ports and protocols, and system interconnections for security and compliance impacts.
- Experience coordinating with network engineers, system administrators, ISSMs, ISSEs, system owners, and mission partners to resolve security findings.
- Knowledge of NIST SP 800-37, NIST SP 800-53, CNSSI 1253, DISA STIGs, DoD cybersecurity policy, and Intelligence Community cybersecurity requirements.
- Strong documentation, communication, analytical, and coordination skills.
PreferredExperience/Qualifications- CCNP, CCNP Security, Cisco CyberOps, or equivalent network security certification.
- CISSP, CISM, CGRC, CAP, CASP+, SecurityX, CySA+, CEH, PenTest+, or equivalent cybersecurity certification.
- Experience supporting DoD or Intelligence Community network environments.
- Experience securing, assessing, or documenting Cisco ASA, Cisco Firepower, Cisco Secure Firewall, Cisco ISE, Catalyst, Nexus, ISR, or ASR platforms.
- Experience reviewing firewall rules, access control policies, route tables, network diagrams, ports and protocols, VPNs, boundary security, or system interconnection documentation.
- Familiarity with Zero Trust principles, network segmentation, identity based access control, and modern DoD cybersecurity architecture.
- Experience with Splunk, Elastic, ELK Stack, OpenSearch, SolarWinds, Wireshark, NetFlow, syslog, firewall logs, or other tools used to support monitoring and incident response.
- Familiarity with network automation or scripting tools such as Ansible, Python, PowerShell, Terraform, or Cisco Catalyst Center.
- Knowledge of continuous authorization, continuous monitoring, governance, risk management, and compliance sustainment.
Applicable Military Backgrounds- Army: 17C, 25B, 25D, 25H, 255A, 255N, 255S
- Navy: IT, ITS, ITN, ITR, CWT, 1820, 1880
- Air Force: 1B4X1, 1D7X1, 1D7X1A, 1D7X5, 17D, 17S
- Marine Corps: 0631, 0671, 0681, 1702, 1721
- Space Force: 5C0X1, 17X
- Coast Guard: IT, CMS, CMM, C5I
#DSA209
#LI-KE1
