ISSO

About The Position

Requirements

• Minimum 2 years of ISSO experience supporting RMF and NIST SP 800-53 compliance activities
• Minimum 1 year of Information Systems Security Engineer (ISSE) experience supporting cloud security initiatives
• Experience developing and maintaining ATO, IATT, SSP, POA&M, and Continuous Monitoring documentation
• Experience supporting vulnerability management and security compliance programs
• Strong problem-solving abilities with a demonstrated ability to resolve complex technical and security challenges
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Assurance, or related field (or equivalent experience)
• Active TS/SCI Clearance (Required)

Nice To Haves

• Experience supporting AWS Landing Zone Accelerator (LZA) environments
• Experience supporting DoD or Intelligence Community cloud environments
• Experience operating within classified multi-domain environments
• One or more of the following certifications preferred: CISSP, CISM, CAP, CASP+, DoD 8570/8140 IAM Level II Certification, DoD 8570/8140 IAT Level III Certification

Responsibilities

• Create, maintain, and update security authorization packages, including: System Security Plans (SSPs), Initial Authorization to Test (IATT) packages, Authority to Operate (ATO) packages, Control Family Plans (AC, IA, SC, SI, and others), Plan of Action & Milestones (POA&M), RMF Control Implementation Statements, Continuous Monitoring documentation.
• Monitor, identify, track, and report security vulnerabilities across AWS cloud environments and third-party security platforms.
• Assess and validate compliance with NIST SP 800-53 security controls.
• Support continuous monitoring activities across DoD Impact Level (IL2, IL4), Secret, and Top Secret environments.
• Assist with deployment, configuration, and maintenance of security tools including: AWS GuardDuty, AWS Security Hub, AWS Config, AWS Identity and Access Management (IAM), AWS Organizations Service Control Policies (SCPs), Palo Alto security solutions, DoD ACAS, Elastic.
• Evaluate AWS Landing Zone Accelerator (LZA) security posture and provide recommendations for remediation and improvement.
• Collaborate with engineering, operations, and compliance teams to implement and maintain security controls.
• Support audits, assessments, security reviews, and accreditation activities.
• Provide technical guidance on cloud security best practices and RMF implementation.

Benefits

• Four Weeks of Accrued PTO in the First Year
• Eleven Paid Federal Holidays
• Comprehensive Health, Dental, Vision, and Life Insurance
• 401(k) Plan with Annual Employer Contributions
• Flexible Schedules
• Reimbursements for Continued Education and Training