Information Systems Security Officer (ISSO) - Navy

About The Position

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
• In-depth understanding of DoD RMF and experience managing system security documents, processes, and controls.
• Experience supporting ATO packages, compliance reports, and FedRAMP-related requirements.
• Strong troubleshooting and issue resolution skills in DoD environments, such as identifying and mitigating vulnerabilities.
• Knowledge of secure identity and access management systems (ICAM), and familiarity with protocols like OAuth2 and SAML.
• Strong technical writing and editing skills to support contract deliverables.
• Ability to support personnel security administration, including onboarding/offboarding and compliance with training mandates.
• Active Secret clearance required.

Nice To Haves

• Master’s degree in Cybersecurity or a related field.
• Relevant certifications, such as CISSP, Security+, or similar DoD 8570 qualifications.
• Prior experience working with U.S. Navy systems, command-and-control platforms, or logistics programs.
• Experience with static and dynamic code analysis tools as part of DevSecOps pipelines.
• Familiarity with IL5+ environments and managing secure cloud operations.
• AWS certification (e.g., Solutions Architect or Developer Associate).
• Knowledge of DoD software development life cycles, including Section 508 compliance or accessibility standards.

Responsibilities

• Serve as the primary cybersecurity expert for NADACS, ensuring system compliance with Department of Defense (DoD) Risk Management Framework (RMF) and FedRAMP requirements.
• Support the Program Management Office (PMO) by embedding cybersecurity best practices across NADACS, including staffing, contract management, corporate governance, onboarding, and offboarding activities.
• Regularly review, document, and update security plans, policies, and procedures to align with evolving DoD compliance mandates.
• Track and monitor compliance with client and cybersecurity training, as well as travel requirements for NADACS personnel.
• Conduct ongoing security assessments, audits, and vulnerability scans, ensuring compliance with DoD guidelines and identifying risks that require mitigation.
• Coordinate with leadership to support the submission and tracking of Authorization to Operate (ATO) packages for NADACS systems.
• Review and edit technical deliverables and ensure all cybersecurity artifacts meet client expectations and contractual requirements.
• Collaborate with Navy stakeholders, vendors, and PMO leadership to foster strong working relationships and maintain system security across operations.