Information Systems Security Officer (ISSO) - Senior

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 722-Information Systems Security Manager — Intermediate proficiency; must hold ONE OR MORE of the following: GMON, SecurityX / CASP+, CCISO, CCSP, CGRC/CAP, CISSO, Cloud+, GCSA, GSEC, Security+, SSCP
• 7+ years of experience in cybersecurity
• Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
• Experience implementing and sustaining security controls for information systems in accordance with RMF requirements.
• Experience developing and maintaining SSPs, control implementation documentation, continuous monitoring evidence, and related security artifacts.
• Experience managing POA&Ms and verifying remediation activities to support compliant system operation and authorization readiness.
• Experience supporting eMASS package maintenance, self-assessments, and ongoing authorization activities.
• Experience coordinating with system owners, engineers, SOC personnel, and assessment stakeholders to resolve compliance findings and maintain audit readiness.
• Experience supporting security compliance for enterprise environments spanning multiple sites, enclaves, or geographically distributed operations.
• Ability to document security status clearly and maintain accurate records for inspections, reviews, and continuous monitoring activities.

Responsibilities

• Implement and sustain security controls for assigned information systems and enclaves in accordance with DoD and ARNG cybersecurity policy and RMF requirements.
• Develop, maintain, and update system security documentation, including System Security Plans (SSPs), control implementation artifacts, continuous monitoring evidence, and related authorization package materials.
• Track, manage, and update Plans of Action and Milestones (POA&Ms), validate remediation actions, and document control effectiveness to support ongoing authorization and compliance.
• Coordinate with system owners, engineers, SOC personnel, and Authorizing Officials to support security assessments, inspections, reviews, and authorization activities across the system lifecycle.
• Maintain eMASS records with required DoD artifacts, security plans, self-assessments, and supporting evidence to enable continuous assessment and audit readiness.
• Support continuous monitoring activities by collecting, organizing, and validating evidence aligned to approved risk thresholds and RMF requirements for assigned systems.
• Partner with cybersecurity operations teams supporting USIEM-enabled monitoring and incident workflows to ensure security findings, vulnerabilities, and control deficiencies are accurately reflected in system compliance documentation.
• Support security posture maintenance for systems operating in classified and unclassified environments, including ARNG enclaves supporting SIPRNet operations and broader DoDIN-A(NG) mission requirements.
• Coordinate with cybersecurity stakeholders and external organizations, including the NETCOM Global Cyber Center and DISA DCDC, as required to support compliance, reporting, and defensive cyber operations across the ARNG enterprise.