Information System Security Officer(ISSO)

About The Position

Requirements

• TS/SCI with Poly Clearance Required
• 6+ years in cybersecurity, information systems security, or security engineering
• Regulatory Knowledge: Expertise with ICD 503, JSIG, DAAPM, and other USG regulations
• Expertise with system vulnerability and compliance tools such as SCAP Compliance Checker, STIG Viewer, Nessus, and Splunk
• Advanced knowledge of operating system security features within Windows, Linux, and other platforms
• DoDM 8140.03 IAM Level III certification or ability to obtain within six months of hire

Nice To Haves

• Experience with system forensic tools and investigation methodologies
• Practitioner-level knowledge of NIST special publications, CNSS policies, and other cybersecurity standards

Responsibilities

• Draft, update, and submit RMF bodies of evidence, including SSPs, POAMs, SCTMs, SOPs, ConOps, and test plans, ensuring timely approval by our AOs.
• Execute A&A, system security configurations, and continuous monitoring activities, enhancing cyber hygiene and mitigating vulnerabilities.
• Lead cybersecurity compliance assessments per USG directives and corporate policies, correcting perceived vulnerabilities and executing corrective action plans.
• Serve as a subject matter expert on a broad range of cybersecurity topics, representing the cybersecurity organization to internal customers.
• Monitor cyber incidents and carry out response activities, including investigation, containment, and resolution under the direction of the IR team.
• Work closely with internal stakeholders, including IT, PMs, and senior leaders.