Information System Security Officer (ISSM)

Chenega CorporationBath Township, OH
Hybrid

About The Position

The Information System Security Officer (ISSM) is a critical leadership role responsible for establishing, implementing, and managing the information security program within the organization for the Air Force Research Laboratory (AFRL) at Wright-Patterson AFB, Ohio.

Requirements

  • Computer Science-based bachelor’s degree OR 6+ years of equivalent experience.
  • Expertise in cybersecurity principles, risk management, and compliance frameworks to protect the confidentiality, integrity, and availability of sensitive information and critical assets required.
  • Prior performance as an ISSM.
  • Current CompTIA Security + OR CySA+ certification required.
  • IAM Level III Baseline cert required.
  • Must possess and maintain a valid U.S. driver’s license.
  • Secret clearance with an ability to obtain TS/SCI is required.
  • Strong experience with security-relevant tools and software such as ACAS, Radix, SCAP, ESS, Elastic, eMASS, and PEGA.
  • Experience with Linux, Windows, and infrastructure virtualization required.
  • Experience with network devices and software from Fortinet, Cisco, Palo Alto, and Solar Winds.
  • Deep knowledge of NIST SP 800-37, NIST SP 800-53, FIPS 199, and FIPS 200.
  • Experience creating artifacts, control implementation details, policy documents, and POA&Ms.
  • Maintain a professional manner, have proper telephone, and email etiquette, customer service techniques, and organizational skills.
  • Must have strong written and oral communication skills to include the ability to read, write, speak, and understand the English language.
  • The ability to perform in a leadership capacity and be capable of directing contractor personnel and interfacing with the Government and customers.
  • Exceptional customer service skills.
  • Strong time-management and prioritization skills.
  • Ability to communicate applicable technical subject matter expertise to management and others.
  • Possess strong problem-solving skills.
  • Ability to learn and work in new digital environments as required.
  • Ability to self-start and work independently or as a team.
  • Ability to learn new systems and associated software applications for proficient execution of tasks and managing multiple tasks with time-related constraints in a fast-paced environment.
  • Ability to travel up to 10% as requested.

Responsibilities

  • Collaborate closely with cross-functional teams to assess security risks, develop mitigation strategies, and ensure compliance with regulatory requirements and industry standards.
  • Oversee the creation, execution, and assessment of policies for information security programs.
  • Create and maintain Assessment and Authorization (A&A) packages, Risk Assessment Reports (RARs), System Security Plans (SSPs), Security Controls Traceability Matrices (SCTMS), Plans of Action & Milestones (POA&Ms), Memorandums of Agreement (MOAs), policy documents, and other required system artifacts.
  • Manage the monitoring of information security systems using Elastic and other tools to maintain organizational situational awareness.
  • Develop and maintain technical user documentation and standard operating procedures (SOPs).
  • Assess threats and vulnerabilities to determine whether additional safeguards should be implemented.
  • Perform risk assessments on changes to information systems and their operating environments that could impact cybersecurity posture and system authorization.
  • Research and make recommendations regarding hardware and software required to securely operate and maintain the organization’s cybersecurity posture.
  • Routinely review Assured Compliance Assessment Solution (ACAS), vulnerability scans, and Security Technical Implementation Guides (STIGs), and update Plan of Action and Milestones (POA&M) accordingly.
  • Review and approve new user account requests.
  • Coordinate with approving officials on approval of external information systems, i.e., interconnected systems.
  • Provide guidance to customers on RMF requirements and assist with any security-related issues they may have.
  • Ensure configuration management (CM) for security-relevant changes to software, hardware, and firmware is properly documented.
  • Supervise and mentor Cybersecurity Specialists, Software Tester, and other staff as they perform cybersecurity-related duties.
  • Interface directly with sites’ security officers as well as DCSA representatives to ensure security requirements are consistently met and to conduct inspections as needed.
  • Act as the program’s designated Cybersecurity Liaison.
  • Ensure that all contractor staff servicing the organization are made aware of their duties, restrictions, procedures, and regulations relating to information security.
  • Implement and track compliance with network security directives.
  • Track and resolve malicious logic incidents.
  • Responsible for the resolution of classified spillage incidents that could be identified by either Government or Contractor personnel.
  • Author and maintain Policies, Processes, and Procedures within the organization's Strategic IT Management framework.
  • Maintain a neat, secure, and orderly facility.
  • Complete annual company and customer training requirements according to established policies and procedures, as required.
  • Record labor hours daily in an online corporate system.
  • Travel up to 10%.
  • Other duties as assigned.

Benefits

  • professional development
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service