Information Systems Security Officer (ISSO) Skill Level 1 (Government)

AT&T•Columbia, SC

20h•Onsite

About The Position

AT&T Global Public Sector is seeking an Information Systems Security Officer (ISSO) to support information assurance programs and ensure the security posture of mission-critical systems. The ISSO will play a key role in supporting security authorization activities in alignment with program and government requirements. The scope of this Contract requires specialized expertise in areas such as high-performance computing (HPC), automated processing systems, distributed software design, and secure hosting and networking solutions. The IT infrastructure consists primarily of Linux. The environment includes a variety of network devices, server interconnections, mass storage solutions, and essential supporting infrastructure services. The services provided under this Contract support areas including HPC, infrastructure maintenance for HPC systems, networking, office automation, and the development of specialized software.

Requirements

Five (5) years of experience as an ISSO on programs and contracts of similar scope, type; and complexity is required.
Bachelor's degree in Computer Science or related discipline from an accredited college or university is required. Four (4) years of additional experience as an ISSO may be substituted for a bachelor's degree.
Experience is to include at least one (l) of the following areas: knowledge of current security tools, hardware/software security implementation; communication protocols; and encryption techniques/tools.
DOD 8570 compliance with IAT Level I or higher is required.
Required Clearance: TS/SCI with polygraph.
RMF and RMF toolsets (e.g., LATTEART, XACTA, BISCOTTI, WATCHCAT, STE).
Compliance and configuration scanning tools (e.g., SCAP-based and host/network scanning solutions).
Working knowledge of NIST SP 800-53 (Rev. 3 and/or Rev. 5) and NIST SP 800-37; understanding of the full RMF lifecycle, including Authority to Operate (ATO) and continuous monitoring.
Security documentation development and maintenance (e.g., SSP, POA&M, Security Plan for Exceptions/waivers, BIA, Configuration Management Plan (CMP), After Action Report (AAR), Contingency Plan (CP), Security Assessment Report (SAR), Risk Assessment Report (RAR)).
Strong collaboration with System Administrators (SA), System Owners, and other stakeholders to implement controls, manage change, and sustain compliance.
Experience supporting information assurance/cybersecurity operations for systems processing classified information.
Hands-on experience with RMF execution, security control implementation, and security authorization (ATO) support.
Experience producing and maintaining RMF artifacts and supporting audits, assessments, and continuous monitoring activities.
Ability to support control selection/tailoring and coordinate security control assessments with technical and program stakeholders.
Strong written communication skills to produce clear, complete, and compliant security documentation.
Ability to coordinate across ISSM/ISSO, system owners, engineering, and operations teams to implement controls, manage change, and sustain compliance.

Responsibilities

Supports the Information System Security Manager (ISSM) and senior ISSOs in implementing and enforcing information systems security policies, standards, and methodologies.
Helps maintain the security posture of classified information systems.
Supports Risk Management Framework (RMF) activities.
Manages security-relevant configuration control.
Develops and maintains cybersecurity documentation in accordance with ODNI and DoD requirements.
Supports senior ISSOs in implementing and enforcing information systems security policies, standards, and methodologies.
Maintains the operational security posture of classified information systems, including support for continuous monitoring activities.
Develops system security policy and ensures compliance with applicable requirements.
Evaluates security solutions to ensure they meet security requirements for processing classified information.
Assists with the management of security aspects of information systems and performs day-to-day security operations.
Administers user identification and authentication mechanisms for information systems, including privileged user oversight.
Provides configuration management (CM) for security-relevant information system software, hardware, and firmware; coordinates and assesses security impact of changes.
Maintains records for workstations, servers, routers, firewalls, intelligent hubs, network switches, and related components, including system upgrades.
Develops, updates, and maintains RMF/IA documentation (e.g., SSP) and supporting artifacts; keeps documentation accurate and audit-ready.
Collaborates with System Administrators (SA), System Owners, and other stakeholders to implement controls, manage change, and sustain compliance.
Supports control selection/tailoring and coordinates security control assessments with technical and program stakeholders.

Benefits

Medical/Dental/Vision coverage
401(k) plan
Tuition reimbursement program
Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
Pro-rated when working less than 40 hrs/wk.
Paid Parental Leave
Paid Caregiver Leave
Additional sick leave beyond what state and local law require may be available but is unprotected
Adoption Reimbursement
Disability Benefits (short term and long term)
Life and Accidental Death Insurance
Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
Employee Assistance Programs (EAP)
Extensive employee wellness programs
Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone