Cybersecurity Information System Security Officer (ISSO)

About The Position

Requirements

• Active Secret clearance required with the ability to obtain and maintain a Top-Secret clearance
• Minimum of 3-years of experience as an ISSO, ISSM, or equivalent role on DoD information systems
• Demonstrated experience taking systems through the RMF process and achieving/maintaining ATO
• Hands-on experience authoring and maintaining SSPs, SARs, POA&Ms, and Continuous Monitoring documentation
• Working knowledge of NIST SP 800-53, NIST SP 800-37, CNSSI 1253, and applicable DoD/CJCS issuances
• Experience using eMASS, Xacta, or equivalent governance, risk, and compliance (GRC) tooling
• DoD 8570/8140 IAM Level II certification (Security+ CE, CAP, CASP+, or equivalent) at time of hire
• Applicants must meet eligibility requirements for a U.S. Government security clearance.
• Only US Citizens are eligible for a security clearance.
• For this position, LMI will only consider applicants with security clearances or applicants who are eligible for security clearances, due to the nature of the work.

Nice To Haves

• Active DoD Top-Secret Clearance
• Bachelor’s or Master’s Degree in Cybersecurity, Information Systems, or related field
• DoD 8570/8140 IAM Level III certification (CISSP, CISM, or equivalent)
• Experience supporting Special Operations, Intelligence Community, or Combatant Command customers
• Experience with cloud ATOs in Azure Government, AWS GovCloud, or Microsoft 365 GCC High
• Familiarity with DevSecOps, CI/CD security gates, and continuous ATO (cATO) approaches
• Prior experience as a Security Control Assessor (SCA) or assessment team member

Responsibilities

• Responsible for the day-to-day security operations of one or more information systems and for maintaining the system’s Authorization to Operate (ATO) under the DoD Risk Management Framework (RMF).
• Serve as the primary point of contact for the ISSM, the Authorizing Official’s representative, and the engineering team on all matters of system security.
• Develop and maintain the full body of RMF artifacts—System Security Plan (SSP), Security Assessment Plan (SAP), Plan of Action and Milestones (POA&M), Continuous Monitoring strategy, Privacy Impact Assessment, and Contingency Plan—and shepherd packages through eMASS or equivalent.
• Track vulnerabilities, IAVMs, and STIG compliance; manage POA&M closure; coordinate audits and assessments; and review system changes for security impact.
• Translate policy (NIST 800-53, CNSSI 1253, DoDI 8500.01, 8510.01) into clear engineering guidance.
• Proactively solve unusual and/or complex problems with little or no direction given and operate effectively in a fast-paced technical environment supporting senior military leadership.
• Partner closely with the Cybersecurity Engineer, the engineering team, and government stakeholders to keep the system secure, compliant, and operational.

Benefits

• LMI is an Equal Opportunity Employer, where all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.