Information Systems Security Officer

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, Information Assurance, or related field.
• 5+ years of experience supporting information assurance, cybersecurity, or information systems security activities.
• Experience supporting DoD Risk Management Framework (RMF) processes and security authorization activities.
• Knowledge of NIST cybersecurity frameworks, controls, and federal information security requirements.
• Experience conducting vulnerability management, security compliance assessments, and remediation tracking.
• Familiarity with Security Technical Implementation Guides (STIGs), vulnerability scanning tools, and security compliance reporting.
• Understanding of enterprise IT operations, including systems, networks, storage, virtualization, and cloud technologies.
• Experience supporting Configuration and Change Management processes.
• Strong analytical, troubleshooting, and risk assessment skills.
• Excellent written and verbal communication skills with the ability to prepare security documentation and reports.
• Familiarity with Agile methodologies.
• Must be able to obtain and Maintain Secret Clearance.
• Must be able to pass Pre-Employment Drug test.
• Must be US Citizen.

Nice To Haves

• Master’s degree in Cybersecurity, Information Assurance, Information Systems, or related discipline.
• Current DoD 8570/8140-compliant certification such as Security+, CISSP, CAP, CASP+, or equivalent.
• Experience supporting Air Force, DoD, or federal enterprise IT environments.
• Experience with eMASS, ACAS, HBSS/ESS, or similar cybersecurity tools and platforms.
• ITIL Foundation or ITIL Managing Professional certification.

Responsibilities

• Manages the full RMF lifecycle including system categorization, security control selection, implementation, assessment, authorization, and continuous monitoring.
• Maintains ACAS, HBSS, and SCAP compliance posture.
• Manages POA&Ms, and ensures STIG compliance across all managed systems.
• Monitor information systems for compliance with applicable cybersecurity policies, standards, and regulations.
• Conduct vulnerability assessments and coordinate remediation efforts with system owners and technical teams.
• Review security configurations, system changes, and architecture modifications to ensure compliance with approved security baselines.
• Support security authorization activities, continuous monitoring programs, and cybersecurity inspections.
• Analyze security alerts, findings, and incidents and coordinate corrective actions as required.
• Assist with implementation and validation of Security Technical Implementation Guides (STIGs) and other security requirements.
• Maintain Plan of Action and Milestones (POA&M) documentation and track remediation efforts through completion.
• Support audit readiness activities by maintaining cybersecurity documentation, evidence, and traceability records.