Position Overview:
Sigmatech, Inc. is seeking an experienced Information System Security Officer (ISSO) to provide cybersecurity, risk management, and compliance support to Army programs located at Aberdeen Proving Ground. The incumbent will support all phases of the Risk Management Framework (RMF) process, ensuring assigned information systems meet all Department of War (DoW) and Army cybersecurity requirements.
Duties
The ISSO will perform the following major duties:
* Serve as the primary cybersecurity subject matter expert for assigned systems.
* Support system owners through all RMF steps, to include security categorization, control implementation, assessment, and authorization.
* Develop, review, and maintain cybersecurity documentation, including System Security Plans (SSPs), Security Controls Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), and Continuous Monitoring plans.
* Conduct and document vulnerability assessments, risk evaluations, and compliance reviews.
* Ensure application of DISA Security Technical Implementation Guides (STIGs) and DoD cybersecurity policies.
* Manage system accounts, audit logs, incident reporting procedures, and privileged access in accordance with DoD requirements.
* Utilize tools such as ACAS, HBSS, eMASS, and Army-specific cybersecurity platforms to support system monitoring and reporting.
* Coordinate cybersecurity activities with system administrators, engineers, program managers, and external assessors.
Requirements & Qualifications
To be qualified, applicants must meet the following criteria:
- U.S. citizenship.
- Active DoD Secret clearance or higher and ability to maintain required security certifications.
- Occasional travel may be required for program support or assessments.
- Bachelor's degree or equivalent in Computer Science, Information Systems Engineering or equivalent. Four (4) additional years of relevant experience or military experience may be substituted for education.
- Minimum of five (5) years of experience in information systems security with extensive demonstrated proficiency in creating, reviewing, and updating eMASS packages, including post-accreditation/throughout the continuous monitoring stage.
- IAM Level I or II certification meeting DoD 8570/8140 requirements (e.g., Security+ CE, CAP, CASP+, CISSP).
- Demonstrated experience supporting RMF processes within a DoD, Army, or federal IT environment.
- Knowledge of NIST Special Publications, DoD cybersecurity directives, and DISA STIGs.
- Experience maintaining cybersecurity documentation and preparing systems for assessment and authorization.
- Ability to analyze vulnerabilities, determine risk impacts, and recommend corrective actions.
- Strong communication skills, both written and verbal, with the ability to interface with technical and non-technical personnel.
Preferred Experience
- Direct experience supporting Army programs at Aberdeen Proving Ground.
- Proficiency using eMASS for package development and updates.
- Familiarity with secure configuration management, auditing practices, and cybersecurity tools such as ACAS and HBSS.
- Background working in a program office or engineering environment.