Assistant Information Systems Security Officer (AISSO)

About The Position

Requirements

• High School with 12+ years (or commensurate experience)
• DoD 8570.01-M IAM Level I Certification (e.g., Security+ CE, CAP, GSLC, or equivalent).
• Demonstrated practical user experience with Assured Compliance Assessment Solution (ACAS) for federal vulnerability scanning.
• Hands-on experience utilizing Security Information and Event Management (SIEM) systems for analyzing security alerts and system logs.
• Familiarity with Extended Detection and Response (XDR) platforms for endpoint and network threat detection.
• Direct user experience navigating the Enterprise Mission Assurance Support Service (eMASS) for IT security compliance and risk management.
• Proven understanding of the Risk Management Framework (RMF) process and federal system hardening procedures.
• Must have an active Secret clearance

Nice To Haves

• Experience supporting U.S. Coast Guard (USCG) or Department of Homeland Security (DHS) cybersecurity programs.
• Advanced baseline cybersecurity certifications such as IAM Level II/III credentials (e.g., CISSP, CISM, or CASP+).
• Prior experience participating directly in formal federal security audits or Cyber Operational Readiness Assessments (CORA).
• Familiarity with automation tools or dashboards used to track and report vulnerability remediation progress.

Responsibilities

• Assist the primary ISSO in ensuring the cybersecurity posture, compliance framework, and risk management initiatives.
• Assist in drafting and maintaining comprehensive Authority to Operate (ATO) packages and documentation in alignment with federal guidelines.
• Provide operational guidance in the selection, tailoring, and implementation of security controls applicable to the system environment.
• Identify, select, and assist in the application of appropriate Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) Checklists.
• Create, manage, and actively monitor Plan of Action and Milestones (POA&Ms) to ensure swift remediation of enterprise security gaps.
• Assist in conducting thorough Privacy Threshold Analysis (PTA) to ensure federal data privacy compliance.
• Actively monitor Assured Compliance Assessment Solution (ACAS) scans and collaborate with technical infrastructure teams to remediate identified vulnerabilities.
• Assist with and document regular Contingency Plan (CP) testing to ensure operational resilience and disaster recovery readiness.
• Support change management processes by assisting in the accurate completion and routing of all required engineering paperwork.
• Facilitate Cybersecurity Service Provider (CSSP) onboarding processes to align with organizational defense-in-depth strategies.
• Engage, coordinate, and maintain operational communication with various departments within Coast Guard Cyber Command (CGCYBER).
• Respond accurately and promptly to Cyber Operational Readiness Assessment (CORA) and broader CGCYBER data calls.
• Provide all requested technical security documentation to the primary Information Systems Security Officer (ISSO) to support overarching compliance.