Information Systems Security Officer

Chenega Corporation•Huntsville, AL

7h•Onsite

About The Position

The Information Systems Security Officer (ISSO) is responsible for overseeing, implementing, and maintaining cybersecurity compliance and security controls for enterprise IT systems and applications in support of the Army Materiel Command (AMC), Chief Information Office (CIO). Chenega Military, Intelligence & Operations Support (MIOS) is looking for professionals to enhance their skills and build their career in a rapidly evolving business climate. Chronos Operations (CO) is a wholly-owned subsidiary of Chenega Corporation, an Alaska Native Corporation based in Anchorage, AK. Belonging to the Military, Intelligence, and Operations Support (MIOS) Strategic Business Unit (SBU), Chronos has a culture rooted in integrity, respect, and exceptional performance. Chronos is headquartered in Colorado Springs, CO, and provides mission-critical services in Advanced Analytics & AI, Software Engineering, Cybersecurity, Information Technology, and Intelligence.

Requirements

Bachelor's degree in Science, Technology, Engineering, Mathematics, IT, or business-related programs
6+ years of experience in information system security, cybersecurity, or governance roles
Experience with eMASS and/or Xacta is required.
Experience with FISMA and security control assessments required.
5+ years of experience with RMF (NIST 800-53), ATO packages, POA&M development, and system categorization is required
3+ years’ experience supporting DoD or federal programs is highly desirable
Must have an active CompTIA Security+ certification in accordance with DoD 8570/8140 requirements.
Must have an active Secret clearance with the ability to obtain TS with SCI eligibility.
Deep understanding of cybersecurity frameworks, risk management, and compliance requirements.
Strong knowledge of cloud and hybrid environments (AWS, Azure, GCP, Oracle)
Experience working in a Unix/Linux environment.
Experience working in cloud infrastructures.
Must have high proficiency in the Microsoft Office suite and possess advanced skills and knowledge in programs like Word, Excel, PowerPoint, and Outlook.
Experience extracting, transforming, and structuring data to support both exploratory analytics and operational reporting.
Strong creative and visual storytelling skills with an eye for design, usability, and user experience.
Use expert knowledge of data visualization tools to deliver information that allows client users to quickly understand data, ask better questions, and take action.
Possess knowledge and experience with data analysis and data technical expertise in data management, engineering, and science.
Skillful time management and organizational skills to set and meet deadlines.
Ability to work both independently and within a team.
Ability to work effectively in a team environment to encourage collaboration, innovation, and continuous improvement.
Ability to meet minimum clearance requirements.

Nice To Haves

Cybersecurity certifications like CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CGRC (Certified in Governance, Risk and Compliance) are preferred.

Responsibilities

Serve as the primary ISSO supporting assigned information systems throughout the full system development lifecycle.
Implement, assess, and maintain security controls in accordance with NIST RMF (SP 800-53), DoD cybersecurity policies, and applicable regulatory requirements.
Support and maintain ATO packages, including system categorization, control implementation, assessment coordination, and continuous monitoring activities.
Develop, review, and maintain system security documentation such as SSPs, POA&Ms, SARs, RARs, and CONMON artifacts.
Ensure compliance with DoD cybersecurity requirements, STIGs, FISMA, and data protection regulations.
Coordinate and support internal and external audits, inspections, and information assurance readiness reviews.
Review IT policies, procedures, and technical documentation to ensure alignment with regulatory and organizational requirements.
Identify compliance gaps, assess risk, and recommend corrective actions or compensating controls.
Maintain awareness of evolving cybersecurity threats, vulnerabilities, and regulatory changes to ensure ongoing compliance.
Provide cybersecurity risk and compliance briefings to program leadership, system owners, and executive stakeholders.
Identify, assess, and document cybersecurity risks and support the development of risk mitigation strategies.
Support the implementation of a structured IT risk management and governance framework.
Assist with the development and enforcement of cybersecurity policies and procedures.
Serve as a cybersecurity liaison between technical teams, compliance staff, auditors, and government customers.
Conduct briefings and presentations on cybersecurity posture, compliance status, and non-compliance issues.
Other duties as assigned.