Information Systems Security Officer (RMF) - Journeyman

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 722-Information Systems Security Manager — Basic proficiency; must hold ONE OR MORE of the following: CC
• 3+ years of experience in information assurance
• Experience developing and maintaining RMF documentation packages, including SSPs, SCTMs, assessment artifacts, and POA&Ms.
• Experience maintaining cybersecurity authorization records in eMASS and supporting documentation quality throughout the system lifecycle.
• Experience coordinating with ISSMs, system owners, engineers, and Authorizing Officials to resolve findings and support authorization decisions.
• Experience tracking remediation activities and validating security control effectiveness to support continuous monitoring.
• Experience supporting security assessments, compliance reviews, audits, or inspections in a DoD or Federal cybersecurity environment.
• Familiarity with maintaining auditable evidence aligned with ongoing assessment and authorization activities.

Responsibilities

• Execute RMF activities for assigned systems in accordance with DoD and ARNG cybersecurity policy to support compliant, mission-ready operations across the ENOCS environment.
• Develop, update, and maintain RMF documentation, including System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), security assessment artifacts, and Plans of Action and Milestones (POA&Ms).
• Maintain accurate eMASS records and supporting authorization documentation throughout the system lifecycle to help sustain Authorization to Operate (ATO) status.
• Coordinate security control selection, implementation validation, and assessment support activities with system owners, ISSMs, engineers, and Authorizing Officials.
• Track remediation actions, document control deficiencies, and verify closure evidence to support continuous monitoring and auditable cybersecurity compliance.
• Support periodic security compliance reviews, vulnerability analysis, and ongoing maintenance of authorization activities in alignment with ENOCS RMF support processes.
• Assist with audit, inspection, and assessment preparation by organizing security artifacts, validating documentation accuracy, and ensuring traceability of corrective actions.
• Contribute to cybersecurity operations supporting classified and unclassified ARNG environments, including systems operating within established hosting platform ATO boundaries and SIPRNet-related mission environments where applicable.
• Coordinate RMF and compliance activities within the broader Task 3 cybersecurity mission supporting 24x7x365 cyber defense operations across the DoDIN-A(NG) area of responsibility in coordination with NETCOM Global Cyber Center and DISA DCDC.