Information Systems Security Officer (ISSO) at CACI
Colorado Springs, CO 80919, USA
Full Time


Start Date

Immediate

Expiry Date

14 Nov, 25

Salary

75200.0

Posted On

15 Aug, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Risk Management Framework, RMF, Risk, SSPs, Communication Skills

Industry

Information Technology/IT

Description

Information Systems Security Officer (ISSO)
Job Category: Security
Time Type: Full time
Minimum Clearance Required to Start: Top Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
Anticipated Posting End: 1/26/2026

QUALIFICATIONS:

Required:

  • BA/BS + 7 years of relevant experience (additional 5+ years of recent relevant experience may be substituted for degree, for a total of 12+ years of experience)
  • Must possess a current Top Secret DoD Security Clearance with ability to obtain SCI.
  • Experience managing and auditing privileged user provisioning processes and knowledge of DoD security training requirements.
  • Excellent writing and documentation skills, with experience in creating System Security Plans (SSPs) and related ATO documentation.
  • Experience working independently and in a team to support the customer, both on-site and remotely.
  • Exceptional verbal and written communication skills, with the ability to engage and educate stakeholders at all levels.
  • Strong analytical and problem-solving skills, with the ability to interpret complex security regulations and standards.
  • DoD 8570 IAT or IAM level III Certified
  • Familiarity with DoD Risk Management Framework (RMF) or DIACAP processes
  • ITIL Foundation (version 4) preferred.

Certifications (must possess at least one):

  • (ISC)² Certified in Governance, Risk and Compliance (CGRC) / Certified Authorization Professional (CAP)
  • CompTIA Advanced Security Practitioner (CASP+) CE
  • (ISC)² Certified Cloud Security Professional (CCSP)
  • CompTIA Cloud+ CE
  • (ISC)² Systems Security Certified Practitioner (SSCP)
  • CompTIA Security+ CE
  • GIAC Security Essentials (GSEC)

Conditional Alternative Certifications (Considered):

  • (ISC)² Certified Information Systems Security Professional (CISSP)


Responsibilities
  • Determine enterprise information assurance and security standards.
  • Develop and implement information assurance/security standards and procedures.
  • Create and maintain System Security Plans for information systems leveraging NIST RMF, DoD RMF, and FedRAMP methodologies.
  • Ensure that a Certification and Accreditation package is prepared and maintained in accordance with (IAW) the DoD Information Assurance Certification and Accreditation Process (DIACAP), or the DoD Risk Management Framework (RMF).
  • Recommend information assurance/security solutions to support customer’s requirements.
  • Identify, report, and resolve security violations.
  • Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
  • Support customers at the highest levels in the development and implementation of doctrine and policies.
  • Ensure development and implementation of procedures in accordance with configuration management (CM) policies and practices for authorizing the use of hardware/software on an IS.
  • Performs analysis, design, and development of security features for system architectures.
  • Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
  • Act as the primary point of contact for stakeholders regarding system ATO inquiries and security compliance matters.
  • Collaborate with IT and security teams to ensure compliance with security controls and facilitate the ATO process.
  • Working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Provides integration and implementation of the computer system security solution.
  • Assist in the development and refinement of security policies and procedures related to ATO and information system security.
  • Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
  • Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.