Job Summary- Seeking an experienced Information Systems Security Officer (ISSO) to support mission-critical Department of Defense (DoD) and Intelligence Community (IC) programs
- As an ISSO, you will play a vital role in protecting classified information systems, maintaining cybersecurity compliance, and supporting the operational security posture of enterprise environments
- You will work closely with system owners, engineers, cybersecurity teams, and government stakeholders to ensure information systems comply with federal cybersecurity requirements, Risk Management Framework (RMF) standards, and organizational security policies
The ideal candidate has experience managing day-to-day cybersecurity operations, conducting security assessments, supporting system authorization activities, and ensuring secure operation of complex information systems throughout their lifecycle.
Primary Responsibilities- Serve as the Information Systems Security Officer (ISSO) for assigned information systems and support the Information System Security Manager (ISSM) in maintaining the overall security posture
- Support the organization's Information Assurance (IA) and cybersecurity program by ensuring compliance with applicable federal, DoD, and Intelligence Community security requirements
- Plan, coordinate, implement, and enforce information system security policies, standards, and procedures across assigned systems and projects
- Maintain the operational security posture of mission-critical information systems through continuous monitoring, security assessments, and compliance activities
- Monitor system security controls and support incident response, vulnerability management, and remediation efforts
- Conduct vulnerability assessments, security reviews, and risk assessments to support Risk Management Framework (RMF) authorization and continuous monitoring activities
- Evaluate hardware, software, and security solutions to ensure compliance with requirements for processing classified and sensitive information
- Assess proposed system changes, perform security impact analyses, and support configuration management activities
- Develop, maintain, and review cybersecurity documentation, including:
- System Security Plans (SSPs)
- Risk Assessment Reports (RARs)
- Risk Management Framework (RMF) authorization packages
- Security Assessment Reports (SARs)
- Plans of Action and Milestones (POA&Ms)
- System Requirements Traceability Matrices (SRTMs)
- Coordinate with system administrators, network engineers, software developers, and government representatives to implement security controls and resolve cybersecurity issues
- Support security audits, inspections, and compliance reviews while maintaining accurate security documentation and audit artifacts
- Assist in developing security awareness initiatives and promoting cybersecurity best practices across supported programs
Required Qualifications- Must have active Top Secret/SCI clearance with NSA Full Scope Polygraph
- Minimum of five (5) years of experience as an Information Systems Security Officer (ISSO) supporting programs of similar scope, type, and complexity
- Experience in one or more of the following areas:
- Information Assurance (IA) and cybersecurity operations
- Security tools and vulnerability management
- Hardware and software security implementation
- Network communication protocols
- Encryption technologies and cryptographic solutions
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Information Assurance, or a related technical discipline from an accredited college or university.
- Four (4) additional years of ISSO experience may be substituted in lieu of the degree requirement
- DoD 8570 Information Assurance Management (IAM) Level I certification (or higher) is required
- Strong knowledge of the Risk Management Framework (RMF), NIST Special Publications, Committee on National Security Systems (CNSS) policies, and DoD cybersecurity requirements
- Experience supporting system authorization, continuous monitoring, and cybersecurity compliance activities
- Knowledge of vulnerability management, security control implementation, and risk assessment methodologies
- Experience preparing and maintaining RMF security documentation and authorization packages
- Familiarity with enterprise security tools, vulnerability scanners, and system monitoring solutions
- Experience supporting configuration management and evaluating security impacts of system changes
- Strong understanding of access control, authentication, encryption, and secure systems administration
- Excellent analytical, organizational, troubleshooting, and documentation skills
- Strong written and verbal communication skills with the ability to work effectively across multidisciplinary technical teams
Desired Qualifications- Experience supporting Authorization to Operate (ATO) activities within DoD or Intelligence Community environments
- Experience using Enterprise Mission Assurance Support Service (eMASS) or similar authorization management tools
- Experience with Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs), and security compliance validation
- Familiarity with vulnerability management tools such as Tenable Security Center, Nessus, or ACAS.
- Experience supporting cloud, hybrid cloud, or virtualized enterprise environments
- Knowledge of Security Information and Event Management (SIEM) platforms and continuous monitoring technologies
- Experience working within Agile or DevSecOps environments
- Familiarity with incident response, cybersecurity operations, and enterprise risk management
Exempt hourly position. 11 paid holidays, minimum of 3 weeks PTO, company sponsored group medical plan, company paid dental, vision, life insurance, and STD/LTD plans. Salary is dependent upon the candidate's experience and qualifications.
The pay range for this role is:
110,000 - 145,000 USD per year (NBP)
