Information System Security Officer

About The Position

Requirements

• 5+ years of experience in information assurance, cybersecurity, or serving as an ISSO on DoD or federal projects
• Experience developing and managing system security documentation, including System Security Plans (SSPs), Security Assessment Plans (SAPs), and POA&Ms
• Experience with tools supporting Zero Trust implementation, including identity management, endpoint detection, and security analytics solutions
• Experience conducting security compliance reviews and audits, and managing continuous monitoring solutions
• Knowledge of DoD RMF, NIST Special Publications (SP) 800-53 and 800-207, and cybersecurity frameworks
• Knowledge of Identity and Access Management (IAM), Multi-Factor Authentication (MFA), segmentation, and encryption techniques within Zero Trust architectures
• TS/SCI clearance
• Bachelor’s degree in Cybersecurity or CS

Nice To Haves

• Experience with cloud service providers such as AWS and DoD Cloud, and applying security controls for cloud-based systems
• Experience working with DevSecOps pipelines and security automation tools
• Experience in network security, firewalls, or access controls with a focus on Zero Trust principles
• Knowledge of current and emerging DoD policies, standards, and guidance on cybersecurity, including DoD Zero Trust Strategy and CMMC
• Possession of excellent communication skills, to convey cyber risks and solutions to non-technical audiences
• Industry-recognized Certifications such as CISSP, CISM, CISA, CCSP, CASP+, or similar Certifications

Responsibilities

• Support the integration and adoption of Zero Trust principles, ensuring all systems adhere to DoD cybersecurity mandates and frameworks.
• Maintain information system security policies, standards, and procedures, ensuring systems remain compliant with DoD directives such as Risk Management Framework (RMF), NIST 800-53, and Cybersecurity Maturity Model Certification (CMMC).
• Identify, track, and mitigate security risks, facilitating vulnerability assessments and penetration testing while ensuring compliance with DoD security requirements.
• Lead efforts to achieve and maintain system accreditation under DoD RMF guidelines, overseeing security documentation such as security plans, Plans of Action and Milestones (POA&Ms), and associated artifacts.
• Oversee continuous monitoring activities, incident response plans, and cybersecurity assessments.
• Work closely with system engineers, administrators, developers, and leadership to develop and apply security controls aligned with Zero Trust elements such as identity, endpoint, application, network, and infrastructure.

Benefits

• health
• life
• disability
• financial
• retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care
• recognition awards program