Information Security Support Officer (ISSO)

JCTM•San Antonio, TX

About The Position

The security of Information Technology assets in today’s information age is a top priority in aligning our military forces for the future operating environment. What if you could use your cybersecurity knowledge and experience to assist US Cyber Command in those efforts? Build Your Career At JCTM, we value knowledge, experience, integrity, and commitment. Joining our team means becoming part of an organization that empowers individuals, prioritizes ethical practices, and fosters a culture of collaboration and growth. Challenging Projects As an Information System Security Officer (ISSO) with JCTM, you will play a critical role in ensuring the security and compliance of information systems throughout their lifecycle. This position requires a deep understanding of risk management frameworks, cloud platforms, and cybersecurity practices, with a focus on maintaining and enhancing the security posture of our environments. You will provide impactful support to customers as they navigate ATO, cATO, and deployment processes in dynamic operational environments.

Requirements

Active TS/SCI Security Clearance
5+ years of relevant cybersecurity experience
Experience assessing technical environments and translating implemented security controls into clear NIST SP 800-53 control narratives and supporting ATO documentation
Hands-on experience with eMASS or Xacta for full system lifecycle activities
Experience with NIST 800-53 Rev5 and CNSSI 1253
Experience as an RMF Engineer, ISSO, and/or information assurance engineer
Familiarity with at least one cloud platform: AWS, Azure, or Google GCP
Experience with Air Force risk management policies and procedures, including DODI 8510.01, AFI 17-101, Fast Track ATO Handbook, and AF Continuous ATO Playbook
Ability to clearly articulate ideas for executive-level consumption
Ability to use prior experience and knowledge to address new situations, especially during client interactions
Bachelor’s degree in Information Security, Computer Science, or a related discipline; or in lieu of a degree, 3 additional years of equivalent industry experience

Nice To Haves

Knowledge of the Air Force A&A process and requirements
Familiarity with SIEM tools such as Splunk or Elastic
Experience with DoD DevSecOps Fundamentals Playbook
Experience applying DoD Fast Track ATO and Air Force Continuous ATO Playbook methodologies

Responsibilities

A&A Package Management: Create, manage, and maintain Authorization and Accreditation (A&A) packages, including System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), and other necessary artifacts.
eMASS/Xacta Data Management: Support the entry and maintenance of data in information system security systems of record such as eMASS or Xacta.
Lifecycle Cybersecurity Management: Drive cybersecurity activities across all phases of the system lifecycle including planning, development, deployment, and operations. Enforce system hardening and perform security analysis to ensure protection of the CIA triad.
Stakeholder Communication: Brief Information System Security Managers (ISSMs), Security Control Assessors (SCAs), and Authorizing Officials (AOs) on the cybersecurity posture of systems. Provide regular updates and insights.
Continuous Monitoring: Manage and implement Continuous Monitoring activities including periodic control reviews, audits, vulnerability scans, and penetration test report evaluations.
POA&M Development and Maintenance: Develop and maintain POA&Ms to track system vulnerabilities, mitigation efforts, remediation actions, and closures. Provide fix actions and compensating controls, perform reviews, and deliver briefings to stakeholders.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume