Junior Information System Security Officer (ISSO)

About The Position

Requirements

• Candidates must meet DoD 8140-M Basic level (or higher) qualification requirements.
• At a minimum, CompTIA Security + CE will be required for this position . Please upload copies of any relevant IT certifications you hold.
• 2-3 years of experience in the following technical areas is preferred: Information Assurance / Cybersecurity (IA/CS) within DoD environments.
• Risk Management Framework (RMF) in accordance with DoDI 8510.01.
• Implementation of security controls aligned with CNSSI 1253, NIST SP 800-53, and JSIG
• Conducting vulnerability assessments using ACAS, DISA STIGs, and SCAP Compliance Checker with automated benchmarks.
• Applying DISA STIG configurations to operating systems and network devices.
• Supporting continuous monitoring, security audits, risk assessments, and mitigation planning
• Reviewing technologies for compliance with NIAP Common Criteria and the DISA Approved Products List (APL).
• Familiarity with ICD 705, DoD 5205.07/5205.07-M (Vol 1–4), SAP policy, and JSIG requirements.
• Ability to build positive, collaborative relationships across teams and with external partners.
• Effective communicator with strong verbal and written skills.
• Proactive, self-directed work style with the ability to operate independently.
• Analytical thinker with proven problem-solving capabilities.
• Highly organized, with the ability to balance competing priorities in a fast-paced environment.
• This position requires U.S. citizenship and an active DoD Top Secret clearance. Selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Responsibilities

• Support the implementation and enforcement of cybersecurity policies, standards, and procedures in alignment with DoD RMF requirements.
• Perform vulnerability assessments using tools such as ACAS, SCAP Compliance Checker, and DISA STIG benchmarks to identify and remediate security gaps.
• Apply and validate DISA STIG configurations across Windows, Linux, and network devices to ensure compliance with DoD security standards.
• Assist in continuous monitoring activities, including reviewing audit logs, tracking POA&M items, and supporting security control assessments.
• Contribute to the development and maintenance of RMF documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and related artifacts supporting ATO efforts.
• Coordinate with system owners, engineers, and ISSMs to track vulnerabilities, implement mitigations, and support remediation timelines.
• Review and verify compliance of hardware and software against NIAP Common Criteria certifications and the DISA Approved Products List (APL).
• Support preparation of security authorization packages and interface agreements (MOAs/MOUs) for interconnected systems.
• Conduct risk assessments and assist in identifying mitigation strategies to protect classified and unclassified DoD information systems.
• Participate in cybersecurity working groups and cross-functional meetings to ensure alignment with program milestones and mission objectives.
• Provide user awareness support and assist with incident response documentation and reporting activities.

Benefits

• 100% employee-owned company
• Comprehensive benefits package , including 11 paid holidays, medical/dental/vision coverage, HSA/FSA options, disability insurance, and more!
• 401(k) with company match
• Tuition assistance for undergraduate and graduate education
• Veteran-friendly employer
• Thriving employee culture