Access Authorization, Auditing, Business impact analysis (BIA), CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Communication Skills, CompTIA Security+, Computer Security, Configuration Management, Contingency Plans, Detail Oriented, Documentation, Government, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Life Insurance, Maintain Compliance, Organizational Skills, Presentation/Verbal Skills, Regulatory Compliance, Risk, Risk Analysis, Risk Management, Risk Management Framework (RMF), Security Analysis, Security Auditing, Security Clearance, Security Compliance, Security Monitoring, Sensitive Compartmented Information (SCI), System Lifecycle, Systems Administration/Management, Team Player, Technical Delivery, Top Secret Clearance, U.S. National Institute of Standards and Technology (NIST), United States Citizen, Writing Skills
Information System Security Officer (ISSO)
Location: Maryland
Clearance Required: Active TS/SCI with Polygraph
Citizenship: U.S. Citizenship Required
Position Overview
Open Systems Technologies Corporation (OST) is seeking Information System Security Officers (ISSOs) to support mission-critical Government programs. The ISSO will be responsible for ensuring systems maintain compliance with security requirements throughout the Risk Management Framework (RMF) lifecycle while supporting accreditation, continuous monitoring, and cybersecurity operations activities.
The ideal candidate will possess strong RMF expertise, experience working with cybersecurity compliance and assessment tools, and the ability to collaborate effectively with System Administrators, System Owners, Information System Security Managers (ISSMs), and Government stakeholders.
Responsibilities
- Support the full Risk Management Framework (RMF) lifecycle for classified information systems.
- Develop, maintain, and update RMF documentation and security authorization packages.
- Coordinate activities required to obtain and maintain Authority to Operate (ATO) approvals.
- Conduct security control assessments and compliance reviews.
- Monitor and track vulnerabilities, findings, and remediation efforts.
- Support Continuous Monitoring (ConMon) activities and ongoing security assessments.
- Review system configurations and scan results to ensure compliance with security requirements.
- Collaborate with System Administrators and System Owners to implement and maintain security controls.
- Monitor privileged user activities and support oversight requirements.
- Participate in security audits, inspections, and cybersecurity reviews.
- Provide recommendations for risk mitigation and system security improvements.
Required Qualifications
- Active TS/SCI with Polygraph security clearance.
- U.S. Citizenship.
- Experience supporting Information Assurance, Cybersecurity, or ISSO activities within classified environments.
- Strong understanding of the Risk Management Framework (RMF) process.
- Knowledge of:
- Authority to Operate (ATO) processes
- Security Control implementation and assessment
- Continuous Monitoring (ConMon)
- Risk assessment methodologies
- Experience with RMF and cybersecurity compliance tools, including:
- LATTEART
- XACTA
- BISCOTTI
- WATCHCAT
- STE
- Experience with compliance and configuration scanning tools.
- Familiarity with:
- NIST SP 800-53 Revision 3 and/or Revision 5
- NIST SP 800-37
- Strong written and verbal communication skills.
- Ability to work independently and collaboratively in a mission-focused environment.
Documentation Experience
Candidates should have experience developing, reviewing, or maintaining security documentation, including:
- System Security Plans (SSP)
- Plans of Action and Milestones (POA&M)
- Security Plan Findings (SPFs) and Exception Documentation
- Business Impact Assessments (BIA)
- Configuration Management Plans (CMP)
- After Action Reports (AAR)
- Contingency Plans (CP)
- Security Assessment Reports (SAR)
- Risk Assessment Reports (RAR)
Preferred Qualifications
- Experience supporting classified Government systems.
- Familiarity with auditing and compliance requirements.
- Experience coordinating with Authorizing Officials, Security Control Assessors, ISSMs, and System Owners.
- Understanding of vulnerability management and remediation processes.
- Knowledge of system administration concepts and operating system security.
- Security certifications such as:
- CompTIA Security+
- CISSP
- CAP
- CASP+
- CISM
Key Attributes
Successful candidates will demonstrate:
- Strong attention to detail.
- Excellent organizational skills.
- Effective communication and collaboration abilities.
- Sound risk-based decision-making.
- Ability to balance mission requirements with cybersecurity compliance.
- A proactive approach to identifying and mitigating security risks.
Benefits
OST has been providing mission-critical support to Government agencies since 1996 and offers a comprehensive benefits package including:
- 3 Weeks Paid Time Off
- 11 Federal Holidays
- Medical and Dental Coverage
- Short-Term Disability (STD)
- Long-Term Disability (LTD)
- Life Insurance
- Accidental Death & Dismemberment (AD&D) Coverage
- 401(k) with up to 4% Company Match
About OST
Open Systems Technologies Corporation (OST) is an Equal Opportunity Employer dedicated to delivering innovative technology solutions and cybersecurity expertise to Government customers. We foster a culture of technical excellence, collaboration, and continuous learning while supporting some of the nation's most critical missions.
O
Open Systems Technologies Corporation