Information Systems Security Officer (ISSO) - Secret Clearance - Remote
Diversified Technical Services, Inc•San Antonio, TX
11d•Remote
About The Position
DTSI is seeking a highly technical Information Systems Security Officer (ISSO) to serve as the primary authority for the cybersecurity architecture, risk posture, and compliance of assigned information systems. This role is hands-on and technical in nature, requiring in-depth knowledge of system architectures, operating systems, networks, and security tooling to effectively assess, implement, and validate cybersecurity controls. The ISSO will be responsible for ensuring information systems are securely implemented, and maintained in accordance with DoD, NIST SP 800-53 (Rev 5), ICD 503, and RMF requirements. This position supports the full system lifecycle and works closely with system engineers, administrators, and program stakeholders to ensure confidentiality, integrity, and availability (CIA) of mission-critical systems and data.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
- 5+ years of relevant cybersecurity experience, with at least 1 year in a senior ISSO capacity.
- In-depth understanding of DoD RMF (NIST SP 800-37), NIST SP 800-53 controls, and related frameworks for revisions 4 AND 5.
- Experience managing system accreditation and continuous monitoring activities in highly regulated environments.
- 8+ years' experience with implementing/assessing security controls assessment for eMASS (preferred)
- Knowledge of DISA Risk Management Framework (RMF) and Security Technical Implementation Guides (STIGs)
- Knowledge of the DISA Cyber Exchange (formerly IASE)
- Knowledge of the FedRamp IL4 and IL5 requirements
- Strategic cybersecurity knowledge
- Master of regulatory compliance and RMF expertise
- Risk management and mitigation
- Incident response coordination
- Technical writing and documentation excellence
- Team development and cross-functional collaboration
- Proficiency in maintaining accreditation artifacts in eMASS, ensuring full compliance with DISA ATO procedures.
- Master level knowledge of DISA STIGs, SRGs, CC SRG, and Cybersecurity Service Provider (CSSP) requirements.
- Working knowledge of DoD Cloud Computing Impact Level IL5 and FedRAMP Moderate controls.
- Strong background applying and validating security controls via: ACAS (vulnerability scanning) STIG Viewer (security configuration compliance) HBSS / ESS (monitoring and alerting)
- Active Secret Clearance
- DoD 8570 IAT Level II Certification: Security+ce or higher
Responsibilities
- Develop a technical understanding of system architectures, applications, operating systems, and network components to respond to Information Assurance (IA) inquiries, DISA Technical Orders (DTOs), and RMF artifacts.
- Manage the cybersecurity program for assigned systems across the entire system lifecycle (design, development, deployment, operations, sustainment, and decommissioning).
- Author, review, and maintain System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Continuous Monitoring (ConMon) strategies, POA&Ms, updating and supporting all RMF documentation.
- Understand the technology to support system authorization (ATO) efforts under the DoD RMF, including control selection, implementation validation, and assessor coordination.
- Perform technical risk assessments and vulnerability analyses, correlating scan results, STIG findings, and architectural weaknesses to actionable mitigation strategies.
- Review, validate, and report STIG and SRG findings, and manage artifacts within eMASS.
- Conduct and oversee security control assessments, vulnerability scanning, and configuration compliance validation using tools such as:
- Support incident response activities, including technical analysis, reporting, coordination with CSSPs, and remediation tracking.
- Monitor system security posture through continuous monitoring, metrics analysis, and compliance reporting.
- Support Security Readiness Reviews (SRRs) and Command Cyber Readiness Inspections (CCRIs), including preparation, technical evidence collection, and remediation.
- Maintain and update Configuration Management Plans, contingency plans, and conduct system contingency exercises.
- Provide technical and executive-level briefings on system risk posture, vulnerabilities, and remediation status to senior leadership.
- Stay current on emerging threats, vulnerabilities, and DoD cybersecurity directives, ensuring proactive system protection.
Benefits
- 401(k) Retirement Plan with Employer Contribution
- Paid Vacation Time
- Paid Federal Holidays
- Paid Sick Leave
- Health Insurance
- Dental & Vision Insurance
- Short and Long Term Disability
- Life Insurance
- Supplemental Insurance (Accidental, Hospital Confinement, Cancer Assistance, Critical Illness)
- Certification & Tuition Reimbursement
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Job Search Resources
Similar Information Systems Security Officer (ISSO) - Secret Clearance - Remote job opportunities
Explore More Jobs
