Information System Security Office (ISSO)

About The Position

Requirements

• Active Top Secret Security Clearance.
• CompTIA Security+.
• Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent work experience).
• Minimum of 3–5 years of experience in information system security, cybersecurity, or IT security management.
• Experience supporting classified systems under the DoD Joint SAP Implementation Guide (JSIG) or ICD 503.
• Strong knowledge of NIST SP 800-53, Risk Management Framework (RMF), and relevant DoD cybersecurity policies.
• Experience with as eMASS, ACAS, Tenable/Nessus, Splunk, ManageEngine, or other compliance and vulnerability scanning tools.
• Strong communication and documentation skills.
• Understanding of networking, system administration, and security architecture principles.
• Working knowledge of both Windows and Linux Operating systems.
• Experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker.

Nice To Haves

• Experienced with Microsoft Word and Excel.
• Experienced with Adobe Professional, or other PDF editing software.

Responsibilities

• Implement, manage, and enforce cybersecurity policies and procedures for assigned systems.
• Coordinate with stakeholders to support achieving Approval to Operate (ATO), continuous monitoring, and system decommissioning.
• Develop and maintain system security plans (SSPs), risk assessments, contingency plans, Security Controls Traceability Matrixes (SCTM), and related documentation.
• Monitor system security controls and continuously assess the security posture of the system.
• Ensure compliance with applicable federal and DoD cybersecurity frameworks (e.g., NIST RMF, JSIG).
• Conduct vulnerability scans and recognize information system vulnerabilities.
• Review and analyze system audit logs to identify anomalous activity and potential threats to network resources.
• Participate in security control assessments and coordinate with the Information System Owner (ISO), System Administrator (SA), and Security Control Assessor (SCA).
• Report security incidents, conduct incident response coordination, and support remediation activities.
• Maintain awareness of cybersecurity threats and recommend mitigation strategies.
• Track Plans of Action and Milestones (POA&Ms) and ensure timely remediation.
• Support customer inspections.
• Provide security guidance and awareness to system users and technical staff.
• Request and track standard and privileged system users.

Benefits

• competitive compensation
• Health and Wellness programs
• Income Protection
• Paid Leave
• Retirement