Cybersecurity Information System Security Officer (ISSO)
About The Position
Nakupuna Prime is seeking a Cybersecurity Information System Security Officer (ISSO) to support the U.S. Army Combat Capabilities Development Command (DEVCOM) G6. The Cybersecurity Information System Security Officer (ISSO) is responsible for supporting the cybersecurity posture, compliance, and risk management activities of assigned information systems within a Department of Defense (DoD) environment. The ISSO works closely with the ISSM, system owners, and technical teams to ensure systems—particularly cloud-based applications—remain compliant with DoD and Army cybersecurity requirements. This role requires strong experience in governance, risk, and compliance (GRC), execution of risk assessments, and coordination across major Army entities.
Requirements
- The candidate must be self-motivated, customer-focused, and capable of working in a fast-paced Department of Defense (DoD) environment
- Minimum of 2 years of experience serving as an Information System Security Officer (ISSO) within a DoD environment
- Demonstrated experience using eMASS to support RMF activities
- Experience supporting cloud applications within a DoD environment
- Experience supporting governance, risk, and compliance (GRC) activities
- Experience executing comprehensive risk assessments
- Experience preparing executive-level cybersecurity reports
- Experience maintaining cross-organizational communications with major Army entities
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related technical discipline (or equivalent experience)
- Must be a U.S. Citizen.
- Must possess and maintain an active Secret security clearance
- Must be eligible for access to SIPRNet as required
Nice To Haves
- Hands-on, practical cybersecurity experience preferred
- Experience supporting users in a DoD or Federal Government environment preferred
- Cloud-related Certs preferred
Responsibilities
- Serve as the ISSO for assigned DoD information systems, including cloud-based applications
- Support Risk Management Framework (RMF) activities using Enterprise Mission Assurance Support Service (eMASS)
- Maintain and update RMF documentation, including System Security Plans (SSPs), POA&Ms, Security Assessment Reports (SARs), and supporting artifacts
- Support governance, risk, and compliance (GRC) efforts to ensure systems meet DoD and Army cybersecurity requirements
- Execute comprehensive risk assessments, including control validation, vulnerability analysis, and risk impact evaluations
- Track and manage security control implementation and remediation activities
- Prepare executive-level cybersecurity reports and briefings outlining system posture, risk status, compliance metrics, and remediation progress
- Maintain cross-organizational communications with major Army entities, including Authorizing Officials (AOs), Security Control Assessors (SCAs), ISSMs, system owners, and program leadership
- Support cloud application security compliance efforts in accordance with DoD cloud security policies and FedRAMP requirements (as applicable)
- Assist with continuous monitoring activities and ensure findings are documented and resolved in accordance with established timelines
- Provide cybersecurity guidance to technical and operational teams to ensure secure system configurations and operations
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
