Cybersecurity Information System Security Officer (ISSO)
About The Position
Nakupuna Prime is seeking a Cybersecurity Information System Security Officer (ISSO) to support the U.S. Army Combat Capabilities Development Command (DEVCOM) Artificial Intelligence Integration Center (AI2C). The candidate will serve as the ISSO for assigned DoD information systems, including cloud-based applications, and support Risk Management Framework (RMF) activities using Enterprise Mission Assurance Support Service (eMASS). This role involves maintaining RMF documentation, supporting governance, risk, and compliance (GRC) efforts, executing risk assessments, and preparing executive-level cybersecurity reports. The ISSO will also maintain cross-organizational communications and support cloud application security compliance.
Requirements
- Minimum of 2 years of experience serving as an Information System Security Officer (ISSO) within a DoD environment
- Demonstrated experience using eMASS to support RMF activities
- Experience supporting cloud applications within a DoD environment
- Experience supporting governance, risk, and compliance (GRC) activities
- Experience executing comprehensive risk assessments
- Experience preparing executive-level cybersecurity reports
- Experience maintaining cross-organizational communications with major Army entities
- Must be a U.S. Citizen
- Must possess and maintain an active Secret security clearance
- Must be eligible for access to SIPRNet as required
Nice To Haves
- Hands-on, practical cybersecurity experience preferred
- Experience supporting users in a DoD or Federal Government environment preferred
- Cloud-related Certs preferred
Responsibilities
- Serve as the ISSO for assigned DoD information systems, including cloud-based applications
- Support Risk Management Framework (RMF) activities using Enterprise Mission Assurance Support Service (eMASS)
- Maintain and update RMF documentation, including System Security Plans (SSPs), POA&Ms, Security Assessment Reports (SARs), and supporting artifacts
- Support governance, risk, and compliance (GRC) efforts to ensure systems meet DoD and Army cybersecurity requirements
- Execute comprehensive risk assessments, including control validation, vulnerability analysis, and risk impact evaluations
- Track and manage security control implementation and remediation activities
- Prepare executive-level cybersecurity reports and briefings outlining system posture, risk status, compliance metrics, and remediation progress
- Maintain cross-organizational communications with major Army entities, including Authorizing Officials (AOs), Security Control Assessors (SCAs), ISSMs, system owners, and program leadership
- Support cloud application security compliance efforts in accordance with DoD cloud security policies and FedRAMP requirements (as applicable)
- Assist with continuous monitoring activities and ensure findings are documented and resolved in accordance with established timelines
- Provide cybersecurity guidance to technical and operational teams to ensure secure system configurations and operations
Benefits
- The Nakupuna Companies use a market-based compensation strategy to ensure that our employees are compensated within applicable market ranges commensurate with multiple factors, including but not limited to the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability, organizational requirements, and position location.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
