Information System Security Officer (ISSO)

About The Position

Requirements

• A Bachelor of Science degree is preferred.
• 3+ years of full-time professional Information Technology or Information Security experience
• Active Secret Clearance
• Must be a U.S. citizen
• Must be willing to travel to support test events, as needed

Nice To Haves

• Proven experience in managing security compliance of Windows 11 systems and Linux (Ubuntu 22.04 LTS and Red Hat Enterprise Linux 9).
• Experience with patch management of diverse Windows and Linux environments
• Backup solution experience (e.g. Veeam)
• Vulnerability scanning experience using ACAS/Nessus, including scan configuration, result analysis, and remediation tracking
• Prior experience as an ISSO or in a supporting security role within a DCSA-authorized environment
• Familiarity with the NISP and DCSA oversight requirements
• Experience maintaining POA&Ms and continuous monitoring documentation
• CompTIA Security+ CE or equivalent certification (aligned with DoD 8140 IAT Level II)
• Excellent problem-solving skills and the ability to tackle complex technical challenges
• Strong communication skills and the ability to collaborate effectively with diverse teams
• A passion for technology and a commitment to staying updated on industry technologies and trends

Responsibilities

• Serve as the primary on-site POC for all classified information system compliance activities
• Maintain system accreditation packages and support ongoing Risk Management Framework (RMF) Authorization and Accreditation (A&A) activities within the National Industrial Security Program (NISP) instance of eMASS
• Scan and verify implementation of system hardening utilizing DISA Security Technical Implementation Guides (STIGs), ensuring compliance with the DCSA Authorization and Accreditation Guide (DAAG), government customer requirements, and company policy
• Conduct and document scheduled security control assessments in accordance with nSI’s organizational Continuous Monitoring strategy
• Manage and track hardware and software inventories for all assigned information systems
• Coordinate and support vulnerability scanning using Nessus; analyze results and assist in remediation tracking
• Maintain and update Plans of Action and Milestones (POA&Ms) for identified vulnerabilities and findings
• Administer and monitor endpoint malware protection solutions
• Support incident identification, response, and reporting in accordance with applicable policies
• Conduct patch management activities to ensure systems remain compliant with applicable security requirements
• Interface with engineering and program teams to coordinate security requirements and support planning, integration, and test activities
• Develop and maintain system security documentation, including System Security Plans, Standard Operating Procedures, and other artifacts required for authorization and continuous monitoring
• Travel occasionally to support customer testing events when systems are deployed off-site
• Communicate security requirements, findings, and compliance status to program leadership
• Be proactive in identification of problems and solutions

Benefits

• Competitive Wages
• Medical, Rx, Dental & Vision Insurance
• Medical plan with Health Savings Account eligibility
• Company-funded Life, Short-Term & Long-Term Disability Insurance
• Personal Time Off, Vacation, and Paid Holidays
• 401(k) Retirement Plan
• Employee Stock Ownership Plan (ESOP)
• Flexible Spending Accounts
• Norton LifeLock
• Tuition Reimbursement
• Personal Development, Technical Learning Opportunities, & Lunch-n-Learns
• Corporate Sponsored Events & Community Outreach