Information Systems Security Officer (ISSO)

About The Position

Requirements

• Must have an active and transferable U.S. government issued Secret security clearance at the time of application
• U.S. citizenship, as only U.S. citizens are eligible for a security clearance
• Bachelor’s degree in Cybersecurity, IT, Computer Science, or related field.
• 3+ years of experience as an ISSO supporting classified programs.
• IAM Level III Certification (CISSP, GSLC, or CISM).

Nice To Haves

• DCSA CDSE SFPC or NCMS ISP certification.
• Strong communication and collaboration skills
• Self-motivated and proactive.
• Familiarity with cloud security practices (e.g., Microsoft Azure, AWS).
• Experience with vulnerability management tools and system hardening.
• Experience in the semiconductor industry.
• Experience developing security documentation.

Responsibilities

• Support the full life-cycle Assessment and Authorization (A&A) process (Steps 1–6) to achieve and maintain an Authorization to Operate (ATO).
• Review, maintain, and update security documentation, including System Security Plans (SSP), Plan of Action and Milestones (POA&M), Security Assessment Reports (SAR), and Contingency Plans.
• Conduct periodic reviews of information systems to verify compliance with security authorization packages, including management of advanced cybersecurity tools for continuous monitoring (CONMON).
• Manage vulnerability scanning tools (e.g., ACAS/Nessus) and ensure patch management (IAVM) compliance, coordinating with IT staff to remediate weaknesses.
• Implement and validate NIST SP 800-53 controls and DISA STIGs.
• Ensure system users are trained and briefed on security awareness policies before being granted system access.
• Work with DCSA, ITPSO, ISSM, and the site Facility Security Officer (FSO) to ensure continuous compliance.