Information Systems Security Officer (ISSO)

About The Position

Requirements

• Active Secret or Top Secret clearance.
• 3–5 years of RMF/ATO experience within DoD or federal environments.
• Hands-on experience with eMASS.
• Working knowledge of NIST SP 800-53r5 and DoD RMF processes.
• Demonstrated ability to independently author SSPs and manage POA&Ms.
• DoD 8140.03M DCWF Basic tier certification — CEH.
• DoD 8140 Interim Education Options.

Nice To Haves

• DoD 8140.03M DCWF Intermediate tier certification — one of: CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP-A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, or Security+.
• Bachelor’s degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering.
• Experience with eMASSer or similar RMF automation tooling.
• Exposure to cloud-hosted or hybrid system authorization boundaries.
• Familiarity with the DoD RMF Knowledge Service.

Responsibilities

• Develop, maintain, and update System Security Plans (SSPs) for assigned systems.
• Manage Plans of Action & Milestones (POA&Ms) from identification through remediation and closure.
• Compile and submit Authorization to Operate (ATO) packages.
• Conduct continuous monitoring activities per established strategy.
• Utilize eMASS for GRC management and RMF workflow tracking.
• Coordinate with Information System Security Engineers (ISSEs) and Security Operations (SecOps) to validate control implementations.
• Develop Security Assessment Plans (SAPs) and support Security Assessment Report (SAR) coordination.
• Draft supply chain risk management plans.
• Support the Cybersecurity Architect with RMF strategic planning.

Benefits

• healthcare
• wellness
• financial
• retirement
• family support
• continuing education
• time off benefits
• flexible time off benefit
• robust learning resources