Senior Information Systems Security Officer (ISSO)

About The Position

Requirements

• Ability to interpret and apply Department of Defense, National Institute of Standards and Technology, and Intelligence Community security standards including NIST SP 800-53, CNSSI 1253, and DoDI 8510.01
• Skilled in Risk Management Framework steps 1 through 6, risk mitigation, and continuous monitoring
• Experience implementing and validating technical controls for operating systems, applications, and network devices
• Hands-on experience with vulnerability scanners, audit tools, and enterprise security management systems such as ACAS, Nessus, or comparable tools
• Ability to perform detailed risk assessments and author clear, actionable security documentation
• Strong written and verbal communication skills with the ability to brief stakeholders and leadership
• Proven ability to work in a cross-functional classified environment with minimal supervision
• Exposure to infrastructure provisioning or configuration management tools (e.g., Ansible, Terraform)

Responsibilities

• Manage daily security operations for information systems ensuring compliance with Department of Defense and Intelligence Community cybersecurity policies, directives, and frameworks
• Conduct vulnerability and risk assessments to support accreditation decisions and ensure system integrity throughout development and sustainment
• Administer configuration control for security software, hardware, and firmware ensuring all changes are evaluated for potential security impacts
• Create and maintain critical security documentation including System Security Plans (SSPs), Risk Assessment Reports (RARs), Plan of Actions and Milestones (POA&Ms), Certification and Accreditation Packages, and System Requirements Traceability Matrices (SRTMs)
• Lead system authorization efforts in accordance with the Department of Defense Risk Management Framework process and legacy NISCAP standards ensuring timely submission and approval of security artifacts
• Evaluate, implement, and maintain the use of agency specific security tools such as Latteart, Biscoti, and Xacata for monitoring and reporting
• Assess current security processes, identify vulnerabilities, and develop proactive solutions to strengthen the organization’s cybersecurity posture
• Work directly with system administrators, engineers, and program leadership to resolve security issues and embed cybersecurity best practices across all project phases

Benefits

• Support critical national security missions that matter
• Be part of a close-knit, employee-first culture where your voice is heard
• Expand your skills through ongoing training, mentorship, and career development
• Enjoy competitive compensation, generous benefits, and work-life balance