Information Systems Security Officer

About The Position

Requirements

• Must possess IT-II security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). (Basic Federal Clearance requirements are U.S. Citizenship, clear criminal history check, no recent or pending bankruptcies).
• Must possess an IAT-II security certification: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+ CE, CCNP Security, CISA, CISSP, CISSA, GCED, GCIH, or CCSP.
• Must have Eight to Twelve (8-12) years of experience.
• Strong knowledge of Azure-native security tools, IL6 data handling, and cloud networking.
• Proficient in scripting (PowerShell, Python, or Bash) and Infrastructure as Code (ARM, Bicep, Terraform).
• Experiences with DoD SRG, FedRAMP High, JSIG, and ICD 503 compliance frameworks.
• Hands-on experience with classified enclaves, hardened images, and enclave-to enclave connectivity.
• Comprehensive knowledge of corporate Systems/Solutions Architecture processes and trends.
• Strong leadership, organizational, and communication skills.
• Knowledge of Agile software development process.
• SCAP, STIG, Patching, eMASS, and related RMF tools.
• Cybersecurity, Systems Administration, implementation of RMF tools and processes.
• Experience with gaining an ATO for systems and working the systems through the assessment and authorization process.
• Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic email and access-list.
• Excellent communication skills.
• Experience working in Agile software development teams.
• Experience with secure development, coding and engineering practices.
• Experience with Cybersecurity, Information Security, and Information Technology Security processes, protocols, and procedures.
• Experience with Cloud Security.
• Experience working with leading firewall, network scanning and authentication technologies.
• Experience working with internet, web, application and network security techniques.
• Experience in Agile methodology.
• Experience in Jira to support development team in agile environment.
• Experience working in Federal or State government environments.
• Ability to work independently.

Responsibilities

• Ensure security policies and procedures are implemented.
• Identifying corrective actions/mitigation strategies to achieve/sustain RMF compliance.
• Review of virus detection software to ensure compliance.
• Review and analyze system implementation plans.
• Advising system owners and stakeholders on new deployments and advanced cyber security techniquesDesign, implement, and maintain secure cloud architectures within Azure Government Secret classified environments.
• Enforce zero trust principles, role-based access control (RBAC), and identity federation (e.g.,Azure AD B2B/B2C with CAC/PIV).
• Configure and manage security controls such as Microsoft Defender for Cloud, Key Vault, Azure Policy, NSGs, and Private Endpoints.
• Automate compliance and security operations using PowerShell, Terraform, or ARM templates.
• Integrate SIEM/SOAR tools (e.g., Microsoft Sentinel for IL6) for continuous monitoring, logging, and incident response.
• Conduct vulnerability assessments and implement remediations aligned to NIST 800-53, DoD STIGs, and JSIG.
• Collaborate with mission owners, compliance teams, and developers to ensure secure DevSecOps pipelines.
• Support Authority to Operate (ATO) processes by generating security documentation, control evidence, and supporting audits.
• Navigate federal systems through the authorization process to achieve and maintain Authority to Operate (ATO).
• Work with the ISSO, Program and DOC ITD IA teams to maintain the necessary security authorizations.
• Develop comprehensive System Security Plans (SSPs) documenting all implemented NIST 800-53 controls.
• Coordinate security assessments with third-party assessors.
• Manage Plans of Actions & Milestones (POA&Ms) for addressing identified vulnerabilities.
• Ensure continuous monitoring plans meet agency requirements.
• Prepare authorization packages for government review.
• Maintain ongoing compliance through change management processes.
• Serve as the liaison between technical teams and authorizing officials.
• Translate security requirements into actionable tasks.
• Ensure all documentation meets the rigorous standards required for federal information systems.

Benefits

• Four Medical/Vision options including an HSA plan
• Dental and Orthodontia plan
• Vision Materials plan
• Paid Life, Short-Term Disability, and Long-Term Disability
• 401K Retirement Program with company contribution
• Paid Vacation, Holidays, Sick Leave, Floating Holidays, Bereavement Leave
• Semi-monthly pay cycle