Information Systems Security Officer (ISSO) - SECRET CLEARANCE
About The Position
RCG is a fast-growing federal contracting firm proudly Certified as a Great Place to Work . We are committed to fostering a culture of innovation, inclusion, and excellence. At RCG, we deliver technology and mission support services that help government agencies succeed. We are currently seeking an Information Assurance Engineer / Information Systems Security Officer (ISSO) to support our federal government customer in Suitland, MD . This role follows a hybrid schedule , requiring two (2) days on-site and three (3) days of telework each week. Due to the secure nature of this government agency, all candidates must be U.S. Citizens and able to successfully pass the required background investigation. This role is ideal for a seasoned Information Assurance professional with strong experience supporting FISMA systems in a cloud-based environment . The ISSO will serve as a subject matter expert (SME), advising system development teams on security best practices, regulatory requirements, and compliance standards while supporting Security Assessment & Authorization (SA&A) activities for new and existing systems. The successful candidate will help maintain an appropriate security posture, manage security-related change requests, and support system authorization efforts across evolving threat landscapes.
Requirements
- Active Secret clearance (REQUIRED).
- U.S. Citizenship required.
- Bachelor’s degree in a technical field (e.g., Engineering, Computer Science) or 10 years of experience in IT systems engineering or IT security architecture.
- 6+ years of hands-on experience in information assurance or information security.
- Demonstrated ISSO experience supporting FISMA systems .
- Strong expertise in cloud architecture, cloud engineering, and cloud compliance.
- Ability to work in a hybrid environment (on-site and telework).
- Excellent interpersonal skills with demonstrated ability to collaborate across teams and organizations.
- Strong verbal and written communication skills in English.
- CISSP or equivalent security certification
Nice To Haves
- Experience supporting cloud systems in AWS environments.
- AWS Cloud Practitioner or Essential certification.
- Certificate of Cloud Knowledge (CCAK) Plus.
- Certified Cloud Security Professional (CCSP).
Responsibilities
- Serve as an Information Assurance SME for systems development projects in a cloud-based environment.
- Review proposed systems, networks, and software for potential security risks and advise on secure product selection and implementation.
- Define system scope and required level of detail for security plans and documentation.
- Manage and analyze Change Requests (CRs), assessing security impact and required updates to system posture.
- Provide Security Assessment & Authorization (SA&A) support for new and existing systems.
- Identify, develop, and maintain required security artifacts for authorization packages.
- Prepare and review System Security Plans (SSPs), including FIPS 199, FIPS 200, and E-Authentication documentation.
- Coordinate and participate in Security Test & Evaluation (ST&E) activities and review ST&E reports.
- Perform vulnerability assessment reviews and generate reports for System Owners and key stakeholders.
- Validate system hardening, patching, and compliance with applicable security requirements and checklists.
- Report status, findings, and risk posture to the Program Manager and Deputy Program Manager.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
