Information System Security Officer (ISSO)

About The Position

Requirements

• Minimum of 4 years' experience in ISSM/O roles
• Proven experience in obtaining and maintaining ATO for classified government cloud systems, adhering to DoD policies such as Risk Management Framework (RMF), NIST 800-53 Rev 4 and 5, NIST 800-37, NIST 800-60 and more
• Skilled in crafting eMASS packages and implementing DISA STIGs
• Proficient in conducting risk assessments, audits, and compliance monitoring within DoD environments
• Demonstrated proficiency in managing and creating Body of Evidence (BOE) artifacts, including POA&Ms, SSPs, RARs, Vulnerability Assessments, Security Assessment Plans, etc.
• Understanding of and experience with SIEM tools such as Splunk, Grafana, or ELK
• Proficient in conducting continuous monitoring activities such as auditing, configuration reviews, policy & procedure reviews, etc.
• Demonstrated experience managing compliance activities for both on-prem & cloud-based (AWS) systems & networks
• Track record of leading programs/projects in attaining ATO
• Experience conducting internal self-assessments and audits with external assessors
• In-depth understanding of Network Rules, Platforms, and Application development
• Familiarity with cloud-native, scalable services
• Experience with common cybersecurity tools and technologies such as vulnerability & compliance scanners, anti-malware, code analyzers, IDS/IPS, DLP, SBOM, etc.
• Experience building and maintaining Standard Operating Procedures
• Obtain Security+ or other DoD 8570 IAT Level II or higher certification within 6 months of employment with Raft

Nice To Haves

• Bachelor’s degree in Cybersecurity, Information Assurance, Information Technology, or a related field.
• CISSP, CISM, CISA, CGRC, or other DoD 8570 IAM Level 2 or higher certifications
• Experience in a K8s DevSecOps environment, preferably with Platform One
• Experience with FIPS (Federal Information Processing Standards)
• Experience with writing/reviewing RMF control policies
• Experience with Executive leadership (PMO office)
• Knowledge of Cloud platforms and migrations
• Previous experience as a Solution Architect
• Engineering background
• Experience in a software factory setting

Responsibilities

• Manage the security aspects of our cutting-edge platforms and systems
• Generating and maintaining the necessary artifacts to achieve and sustain Authority to Operate (ATO)
• Collaborate with our development team to ensure the seamless integration of security controls early in the development lifecycle
• Audit and monitor all of the platforms & tooling across the customer environment

Benefits

• Highly competitive salary
• Fully covered healthcare, dental, and vision coverage
• 401(k) and company match
• Take as you need PTO + 11 paid holidays
• Education & training benefits
• Generous Referral Bonuses
• And More!