Information System Security Officer (ISSO)

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, Information Systems, Engineering, or related technical field.
• Minimum 5 years of experience supporting cybersecurity, RMF, or Information Assurance activities within DoD or Federal environments.
• Working knowledge of RMF processes, NIST SP 800-53 controls, STIG implementation, and DoD cybersecurity requirements.
• Experience supporting Windows and/or Linux-based systems and enterprise network environments.
• Familiarity with vulnerability management and cybersecurity tools such as ACAS/Nessus, HBSS, Splunk, or related technologies.
• Strong analytical, troubleshooting, organizational, and documentation skills.
• Effective verbal and written communication skills with the ability to work in integrated government-contractor teams.
• Active SECRET clearance required.
• U.S. Citizenship required.

Nice To Haves

• Ability to obtain and maintain TOP SECRET clearance preferred.
• Current DoD 8570/8140 compliant certification such as Security+, CySA+, CASP+, CEH, or equivalent.
• Experience supporting Army Aviation, S3I, AvMC, HWIL/JSIL, mission planning systems, or systems integration laboratory environments.
• Familiarity with DevSecOps concepts, software assurance, and secure development practices.
• Experience supporting both classified and unclassified systems.
• Knowledge of Army cybersecurity policies including AR 25-2 and RMF implementation guidance.

Responsibilities

• Support implementation and maintenance of cybersecurity controls for mission systems, development environments, servers, and laboratory networks.
• Assist with development, review, and maintenance of RMF documentation including System Security Plans (SSPs), POA&Ms, Security Control Traceability Matrices (SCTMs), and supporting cybersecurity artifacts.
• Support compliance with DoD cybersecurity policies, NIST SP 800-53 controls, STIG requirements, and Army cybersecurity guidance.
• Assist with maintaining systems in compliance with Authorization to Operate (ATO) requirements.
• Conduct vulnerability scans, configuration reviews, and security assessments utilizing tools such as ACAS/Nessus, HBSS, SCAP, or similar cybersecurity tools.
• Track, document, and assist with remediation of cybersecurity findings and vulnerabilities.
• Support continuous monitoring activities and maintain cybersecurity status reporting for supported systems.
• Review audit logs, scan results, and system reports to identify security concerns and compliance gaps.
• Work with software developers, systems administrators, network engineers, and integration lab personnel to support secure system configurations and cybersecurity best practices.
• Assist with implementation of cybersecurity requirements within software development, virtualization, and systems integration environments.
• Support configuration management and cybersecurity change management activities for system updates and modifications.
• Assist with cybersecurity incident response activities including reporting, documentation, and remediation support.
• Support investigations related to cybersecurity events, vulnerabilities, and policy compliance issues.
• Maintain cybersecurity documentation, records, and supporting artifacts required for audits and inspections.
• Coordinate with ISSMs, government cybersecurity personnel, and engineering teams to ensure cybersecurity objectives and compliance requirements are met.
• Participate in technical meetings, cybersecurity reviews, and program status briefings as required.
• Support cybersecurity awareness efforts and assist users with cybersecurity-related procedures and compliance practices.

Benefits

• full coverage medical insurance
• paid leave
• paid holidays
• multiple retirement plan options
• short-term and long-term disability
• life insurance
• career development and recognition programs
• flexible work schedules
• company-sponsored events
• educational assistance