Information Systems Security Officer (ISSO)
About The Position
The Information Systems Security Officer (ISSO) supports the Hill CEDC IT Operations & Maintenance contract at Hill AFB by providing cybersecurity oversight, compliance management, and RMF execution for the Industrial Depot Maintenance (IDM) project. This role implements and maintains cybersecurity controls, manages RMF documentation and continuous monitoring activities, oversees vulnerability remediation, and ensures security compliance across mission‑critical systems supporting IDM operations. The ISSO ensures all cybersecurity activities align with RMF requirements, DoD policies, and Hill CEDC operational readiness objectives.
Requirements
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, Information Assurance, or related field.
- 5+ years of experience supporting information assurance, cybersecurity, or information systems security activities.
- Experience supporting DoD RMF processes and security authorization activities.
- Knowledge of NIST cybersecurity frameworks, controls, and federal information security requirements.
- Experience conducting vulnerability management, security compliance assessments, and remediation tracking.
- Familiarity with STIGs, vulnerability scanning tools, and security compliance reporting.
- Understanding of enterprise IT operations, including systems, networks, storage, virtualization, and cloud technologies.
- Experience supporting Configuration and Change Management processes.
- Strong analytical, troubleshooting, and risk assessment skills.
- Excellent written and verbal communication skills with the ability to prepare security documentation and reports.
- Familiarity with Agile methodologies.
- Must possess a Secret clearance.
- Must be able to pass a pre‑employment drug test.
- Must be a U.S. citizen.
Nice To Haves
- Master’s degree in Cybersecurity, Information Assurance, Information Systems, or related discipline.
- Current DoD 8570/8140‑compliant certification such as Security+, CISSP, CAP, CASP+, or equivalent.
- Experience supporting Air Force, DoD, or federal enterprise IT environments.
- Experience with eMASS, ACAS, HBSS/ESS, or similar cybersecurity tools and platforms.
- ITIL Foundation or ITIL Managing Professional certification.
Responsibilities
- Manage the full RMF lifecycle for IDM systems, including categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
- Maintain ACAS, HBSS/ESS, and SCAP compliance posture across IDM‑supported systems.
- Ensure STIG compliance and maintain POA&Ms, tracking remediation efforts through completion.
- Monitor IDM information systems for compliance with applicable cybersecurity policies, standards, and regulations.
- Conduct vulnerability assessments and coordinate remediation with system owners and technical teams.
- Review security configurations, system changes, and architecture modifications to ensure alignment with approved security baselines.
- Support security authorization activities, continuous monitoring programs, and cybersecurity inspections.
- Analyze security alerts, findings, and incidents and coordinate corrective actions as required.
- Assist with implementation and validation of STIGs and other security requirements.
- Maintain cybersecurity documentation, evidence, and traceability records to support audit readiness and RMF compliance.
- Coordinate with the IDM Project Manager, system administrators, and cybersecurity personnel to ensure secure system operation and sustainment.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
