Information Systems Security Officer
About The Position
SAIC is seeking a motivated and skilled Information Systems Security Officer (ISSO) to support cybersecurity and compliance activities for mission-critical IT systems on the MAJESTIC Joint Program Office (JPO) Team. In this role, the ISSO will be responsible for implementing, managing, and assessing system security controls to ensure compliance with government regulations, standards, and best practices, including NIST 800-53, RMF, and other federal security policies. The ideal candidate will work closely with system owners, administrators, and cross-functional security teams to assess risks, maintain security postures, and ensure the confidentiality, integrity, and availability of information systems that support the mission. This role requires on-site support in Springfield, VA. SAIC is a premier Fortune 500 mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Their robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. They integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives. SAIC is approximately 24,000 strong, driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, headquartered in Reston, Virginia, with annual revenues of approximately $7.5 billion.
Requirements
- Motivated and skilled Information Systems Security Officer (ISSO)
- Knowledge of NIST 800-53
- Knowledge of RMF
- Knowledge of federal security policies
- Knowledge of DISA STIGs
- Knowledge of cybersecurity best practices
Responsibilities
- Ensure compliance with Risk Management Framework (RMF) requirements by developing, maintaining, and assessing system security artifacts, including System Security Plans (SSPs), POA&Ms, and applicable policies and procedures.
- Implement and validate security controls in alignment with NIST 800-53, associated overlays, and system-specific requirements.
- Support the Accreditation and Authorization (A&A) process, including preparing documentation and achieving and maintaining system Authority to Operate (ATO) status.
- Conduct risk assessments and vulnerability analysis, identify potential threats and weaknesses, and provide recommendations for mitigation.
- Work with IT teams to implement system hardening for platforms, applications, and networks in compliance with DISA STIGs and cybersecurity best practices.
- Perform continuous monitoring of systems using tools such as Splunk, ACAS, or SolarWinds, ensuring real-time threat detection, event notifications, and security compliance validation.
- Collaborate with cross-functional teams, including system administrators, developers, and ISSMs, to address security risks, system vulnerabilities, and security incidents.
- Support incident response activities by conducting forensic analysis, generating reports, and coordinating efforts to remediate and recover from security events.
- Provide cybersecurity awareness training for users and team members to ensure adherence to organizational security requirements and best practices.
- Prepare and deliver security status updates, risk reports, and briefings to senior stakeholders and leadership.
- Develop and maintain system documentation, including security control implementation descriptions, policies, and SOPs.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
1-10 employees
