Information Assurance/Security Specialist-Expert (ISSO)

About The Position

Requirements

• Experience supporting A&A/ATO processes within federal environments (DOE/NNSA preferred).
• Strong understanding of federal cybersecurity frameworks, risk management, and compliance requirements.
• Ability to create clear, accurate, and technically sound security documentation.
• Experience supporting audits, external reviews, and POA&M management.
• Strong communication skills with the ability to brief technical and non-technical stakeholders.
• Ability to negotiate policy, documentation, and training across diverse stakeholder groups.
• A notification to prospective applicants that reviews, and tests for the absence of any illegal drug as defined in 10 CFR 707.4, will be conducted by the employer and a background investigation by the Federal government may be required to obtain an access authorization prior to employment, and that subsequent reinvestigations may be required. The position is covered by the Counterintelligence Evaluation Program regulations at 10 CFR part 709, the announcement should also alert applicants that successful completion of a counterintelligence evaluation may include a counterintelligence-scope polygraph examination.
• Executive Order 11246: This position and all hiring decisions will be made without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
• As a federal contractor, we comply with Section 503 of the Rehabilitation Act and VEVRAA. No disability-related inquiries will be made prior to a conditional offer of employment, except as permitted by applicable law.
• Employee Rights Under the National Labor Relations Act (NLRA): As a federal contractor, the Company complies with Executive Order 13496 and informs employees of their rights under the National Labor Relations Act. Information regarding these rights is available at the workplace and from the National Labor Relations Board.
• This position is covered by the Service Contract Labor Standards (SCLS). Compensation and fringe benefits will be provided in accordance with the applicable U.S. Department of Labor wage determination and any applicable collective bargaining agreement.

Responsibilities

• Implement DOE and NNSA cybersecurity policies and procedures for assigned information systems.
• Lead A&A activities, ensuring systems meet federal and organizational security requirements.
• Maintain all ATO documentation, including security plans, access control records, and configuration management artifacts.
• Manage and track POA&M items; assist in completing remediation activities where possible.
• Conduct risk assessments, identify vulnerabilities, and recommend mitigation strategies.
• Perform cybersecurity tests and assessments; provide actionable results to the ISSM.
• Evaluate the security impact of proposed system changes and recommend risk-based solutions.
• Develop and deliver cybersecurity training based on user roles and responsibilities.
• Respond to security incidents, document findings, and support incident resolution.
• Create and maintain security processes, procedures, disaster recovery plans, and incident response plans.
• Support audits and external reviews; manage findings and drive favorable outcomes.
• Develop new policies, documentation, and training materials when required, ensuring alignment across contractor and federal stakeholders.
• Communicate cybersecurity status, risks, and mitigation strategies clearly to leadership and stakeholders.
• Lead and mentor assigned resources (2 FTEs), ensuring high-quality documentation and successful security outcomes.

Benefits

• Medical
• dental
• vision
• 401k