Information System Security Officer (ISSO)

About The Position

Requirements

• IAT Level II: Baseline Certification ‐ IAW DoD 8140.01 or higher required – Current DoD approved IA baseline certification (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP).
• Must possess and maintain training and certifications sufficient to be granted privileged access to Marine Corps information technology (IT) and information systems (IS) and be able to obtain a Marine Corps Compliance and Authorization Support Tool (MCCAST).
• At least three years of experience in IT, which should include successful experience as an enterprise team member or lead.
• Well-versed in USMC eMASS and DoD cyber security compliancy, instructions, policies and regulations.
• Prior military experience as senior 0679, 0699 or equivalent.
• Proficient in MS Word, Outlook, Excel, PowerPoint, Visio, Project, and SharePoint.
• Strong communication and presentation skills. Able to read, write, and communicate effectively in English. Able to design and write clear communications and present training programs.
• Excellent organizational, planning, problem-solving, prioritization, interpersonal skills, and able to instinctively adapt, plan, inform and influence.
• Required to sit for extended periods of time and maintain focus
• Daily travel in local area during work day (including use of personal vehicle)
• Be able to work an unstable schedule, to include holidays and weekends.
• CONUS and OCONUS travel may be required for up to three weeks at a time (or longer).
• Qualification as an authorized company driver is required. All authorized company drivers must have a valid driver’s license, current automobile insurance, and a driving record that is acceptable to the company’s auto insurance provider.
• A Secret security clearance is required for this position.
• This position also requires a completed Personnel Security Investigation that will qualify the incumbent to be eligible for access to at least the TS-SCI level, and the individual must be read-in for NATO level access.

Responsibilities

• Provide Cyber Security technical and management support to MSTP, ensuring compliance with the RMF, NIST, DoD and Marine Corps standards to establish or sustain ATOs.
• Deliver cybersecurity and IA training, guidance, and reporting for MSTP personnel; monitor and report compliance with MCCOG/MCEN Operational Directives (OPDRs).
• Maintain and update POA&Ms, ensuring timely remediation of client, server, and network vulnerabilities through automated scanning tools and manual compliance checks.
• Run, review, and report on vulnerability and compliance scans using ACAS or other approved solution(s) and provide weekly ISSO reports and daily status updates as needed.
• Oversee patch management using Microsoft SCCM to ensure OPDIR compliance, reduce vulnerabilities, and support daily operations, training events, and exercises.
• Implement IAVAs, OPDIRs, DISA STIGs, patches, and industry best practices to maintain cybersecurity compliance across BSC/CAST information, C2, and simulation systems.
• Configure, operate, and troubleshoot HBSS client/server policies for compliance.
• Draft and submit cybersecurity incident and violation reports to government representatives, ensuring timely corrective actions.
• Verify that all personnel accessing information systems meet required DoD 8570/8140, SECNAV M5239.2, and HQMC ECSM 024 cybersecurity workforce certification standards.
• Maintain historical documentation of all MSTP DIACAP and RMF A&A packages and ensure MCCAST submissions are accurate and ready for signature.
• Maintain consistent IT asset reporting and patch coverage across operating systems and applications to ensure secure management across all MSTP locations.
• Design, deploy, and manage SIEM capabilities to support system monitoring, reporting, and cybersecurity compliance across MSTP information systems.