Information Systems Security Officer (ISSO)

Mount Indie

Annapolis Junction, Maryland

JOB DETAILS
SKILLS
Architectural Analysis, Cloud Computing, Communication Skills, CompTIA Security+, Computer Security, Defense Intelligence Agency (DIA), Documentation, Engineering, Information Architecture, Information Systems Security Engineering (ISSE), International Classification of Diseases (ICD), Internet Security, Leadership, Maintain Compliance, Regulatory Compliance, Risk Management, Security Analysis, Security Attacks, Security Compliance, Sensitive Compartmented Information (SCI), Sensitive Compartmented Information Facility (SCIF), Software Development Lifecycle (SDLC), Software Engineering, Splunk, Systems Engineering, Systems Maintenance, Team Lead/Manager, Test Plan/Schedule, Top Secret Clearance, U.S. National Institute of Standards and Technology (NIST)
LOCATION
Annapolis Junction, Maryland
POSTED
3 days ago

As a Senior Level Information Systems Security Officer (ISSO) you will play a pivotal role in shaping and enhancing cybersecurity initiatives. Your responsibilities may include: 

  • Conducting technical security assessments and contribute to the security systems.
  • Ensuring system security compliance, manage risks, and support certification activities throughout the program life cycle.
  • Work with the application leads, sysadmins, DBAs, developers, and testers to ensure the assigned systems are security compliant and achieve/maintain ATO.
  • Answering questions to ensure systems are developed with security compliance built in.
  • Supporting security assessment events and respond to all questions from ISSMs and SCAs
  • Developing and maintaining SSPs, POA&Ms, and other required security documentation using XACTA.
  • Driving IATT and ATO efforts, coordinating with stakeholders, cyber, and Authorizing Official (AO).
  • Implementing and validating NIST 800-53 controls in cloud-native DPaaS environments.
  • Applying Zero Trust principles to secure data services, including identity, segmentation, and flow control.

Requirements

Required:

  • Active TS/SCI with active CI Polygraph clearance.
  • 13 Years of experience in Software or Systems Engineering roles or a highly related field of work with similar scope and responsibilities.
  • A Bachelor’s degree may be substituted for 4 years of experience and a Master’s Degree may be substituted for 6 years of experience.
  • Security+ or other IAT II/III level certification that is currently active.
  • Proficiency with XACTA and DIA’s RMF process, including managing IATT and ATO processes.
  • Proficiency with Splunk.
  • Experience conducting assessments of existing IT architecture for compliance with security requirements from applicable security frameworks (such as ICD 503).
  • Experience with implementing and maintaining system security documentation, including SSPs, SAPs, POA&Ms, and security assessment artifacts, coordinating closely with ISSMs, ISSEs, system owners, and authorizing officials.
  • Full-time work in a Sensitive Compartmented Information Facility (SCIF) is required, with flexible hours.

Desired:

  • Prior Information System Security Officer or Information System Security Engineer experience
  • Proven experience leading cybersecurity initiatives for significant programs, showcasing a comprehensive understanding of large-scale program requirements.
  • Demonstrated success in team management, highlighting the ability to effectively guide and coordinate cybersecurity professionals.
  • Strong background in communication, with a track record of effectively engaging with customer, program leads, leadership teams, and engineers to convey complex cybersecurity concepts and strategies.


About the Company

M

Mount Indie