The MIL Corporation - posted 4 months ago
$115,000 - $145,000/Yr
Full-time • Mid Level
Norfolk, VA
501-1,000 employees

The MIL Corporation seeks an Information Systems Security Officer (ISSO) – Intermediate (Info. Systems & Cyber Security, Associate) to support cybersecurity operations for a Federal Government client in Norfolk, VA. The ISSO ensures cybersecurity for assigned systems, reporting to the Program Manager/System Owner (PM/SO). Responsibilities include feature deployment, security policy implementation, and RMF compliance. The ISSO may delegate tasks during Assessment and Authorization (A&A) but remains accountable. The ISSO may act as a Validator or SCA Liaison, but not both, for the same system. This position currently requires a hybrid schedule, with 4 days on-site. The schedule is subject to change based on company/contract requirements.

  • Collaborate with SOC stakeholders (systems administration, network, security, infrastructure teams, Enterprise Help Desk, program managers, and business unit sponsors).
  • Ensure DoN Authorization to Operate (ATO) compliance for Commander, Navy Installations Command (CNIC) operational IT boundaries per applicable directives.
  • Provide expertise in RMF processes, guiding system owners through steps 1–5, including categorization, control selection, and eMASS documentation.
  • Conduct continuous monitoring, vulnerability scanning, STIG/patch application, and manage findings in eMASS and VRAM.
  • Maintain and update POAMs and configuration management plans, ensuring timely milestone completion.
  • Evaluate threats, vulnerabilities, and security findings, providing recommendations to enhance IT resource protection.
  • Ensure compliance with Department of Navy (DoN) and DoD cybersecurity policies, verifying user clearances and training.
  • Assemble and submit Security Authorization Packages, registering and maintaining systems in eMASS.
  • Execute annual security reviews, control testing, and contingency plan testing per FISMA requirements.
  • Correlate non-RMF vulnerability assessment findings (e.g., penetration testing, CCORI) to RMF controls for holistic risk assessment.
  • 7 years of relevant experience in cybersecurity or related fields
  • Active Security+ Certification (IAT Level II)
  • Expertise in RMF processes and tools (e.g., eMASS, VRAM, NESSUS) and compliance frameworks (e.g., CNSS 1253, FIPS 199, STIGs)
  • Strong understanding of DoD, DoN, and CNIC cybersecurity directives, processes, and business rules
  • Proven experience creating and maintaining RMF artifacts, managing vulnerabilities, and maintaining configuration management plans
  • Strong communication skills for effective collaboration with team members
  • CISSP Certification
  • Hands-on experience with the U.S. Navy Risk Management Framework Process Guide (RPG) NAO process and procedures
  • Health insurance
  • Life insurance
  • Disability insurance
  • Retirement plans
  • Paid time off
  • Opportunities for professional growth
  • Tuition assistance