Information Systems Security Officer (ISSO)

About The Position

Requirements

• Foundational experience supporting cybersecurity, RMF, ISSO, or related DoD security functions (junior roles, internships, or equivalent experience acceptable).
• Experience requirements based on education:
• 0–2 years with BA/BS, or 0–1 year with MS/MA, or 3 years with AS/AA, or 5 years without a degree.
• Ability to obtain DoD 8140 alignment for WRC 462, Control Systems Security Specialist (Advanced).
• Ability to obtain DoD IA baseline certification (ADP‑III/IT‑III) and required OS/CE certifications within six months.
• An active TS/SCI is required

Responsibilities

• Assist in RMF activities across assigned systems, supporting authorization and compliance efforts.
• Help develop and maintain RMF documentation including SSPs, SARs, POA&Ms, and evidence packages.
• Support security control assessments by gathering artifacts, tracking findings, and ensuring alignment with system requirements.
• Assist with preparing IATT, ATO, and ATC submission materials and maintaining documentation accuracy.
• Work with ISSOs, ISSEs, system owners, and cybersecurity teams to understand and implement RMF requirements.
• Research emerging cybersecurity threats and assist in recommending mitigation strategies.
• Support CORA assessments, IG inspections, and other official audits and evaluations.
• Assist with applying STIGs, reviewing scan results, and completing remediation actions.
• Help maintain compliance repositories, audit evidence, and configuration management artifacts.
• Use RMF and cybersecurity tools such as eMASS, Xacta, Archer GRC, STIG Viewer, SCAP tools, ACAS/Nessus, CMDBs, and SIEM monitoring dashboards.
• Contribute to continuous monitoring tasks, documentation updates, and security process improvements.