Information Systems Security Officer (ISSO) – Cloud Technologies

About NDi:

Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company's success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas. Military Veterans Encouraged to Apply.

Job Description:

NDi is seeking an experienced Information Systems Security Officer (ISSO) - Senior to support cloud-based information systems, security authorization, compliance, and continuous monitoring activities within a large-scale federal cybersecurity environment.

The ISSO will serve as a key security advisor supporting system owners, technical teams, cybersecurity leadership, and compliance stakeholders. This role is responsible for helping ensure cloud and hybrid systems are securely operated, properly documented, continuously monitored, and maintainedin accordance with federal cybersecurity requirements.

The ideal candidate has strong experience with RMF, ATO documentation, cloud security controls, vulnerability management, POA&M tracking, and audit readiness for mission-critical federal systems.

Requirements:

• U.S. Citizenship is required
• Must possess an active TS clearance at the time of application
• Must have the ability to obtain and maintain a Counterintelligence (CI) Polygraph
• Ability to obtain and maintainadditional agency access as required
• This position requires onsite support in Washington, DC

Qualifications and Experience:

• Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Business, or related discipline; or equivalent combination of education, training, and experience
• Advanced degree preferred
• Seven (7) or more years of experience serving as an ISSO or supporting information system security at a cleared facility
• At least seven (7) years serving as an ISSO or ISSE at a cleared facility
• Experience supporting cloud-based systems and RMF authorization activities
• Experience supporting cloud-based or hybrid federal information systems
• Experience developing, reviewing, and maintaining ATO documentation and RMF artifacts
• Experience supporting continuous monitoring, POA&M management, and vulnerability remediation tracking
• Familiarity with security tools such as Tenable Nessus/SecurityCenter, Splunk, IBM Guardium, HP WebInspect, NMAP, or similar applications

Certifications

Must possess at least one of the following:

• CISSP
• GISP
• CASP+
• Other certification demonstrating IAM Level III-equivalent cybersecurity proficiency

Must also possess at least one cloud security certification, such as:

• AWS Certified Security - Specialty
• CCSP
• AWS Certified Solutions Architect - Associate
• Microsoft Certified: Azure Security Engineer Associate
• Google Professional Cloud Security Engineer

Preferred Qualifications:

• Experience supporting federal cloud security or RMF programs
• Experience with AWS GovCloud or Azure Government
• Experience supporting highly regulated or classified environments
• Familiarity with Zero Trust principles
• Experience with enterprise vulnerability management and GRC tools
• Experience supporting audit readiness for FISMA or similar federal compliance requirements

Domain Expertise:

• Strong understanding of:
• Vulnerability management
• FISMA compliance
• Cloud security controls
• Security authorization / ATO processes
• Continuous monitoring
• POA&M management
• NIST Risk Management Framework (RMF)
• Audit readiness

• Experience supporting:
• System Security Plans (SSPs)
• Security Assessment Reports
• Contingency Plans
• Hardware and software inventories
• Boundary documentation
• Data flow diagrams
• Control implementation narratives
• Familiarity with cloud environments including AWS, Azure, Google Cloud, or hybrid cloud platforms

Skills & Competencies:

• Ability to support audits, inspections, and compliance reviews
• Ability to advise system owners and technical teams on cybersecurity requirements
• Strong understanding of cloud security risks and mitigation strategies
• Ability to track, manage, and close security findings and POA&Ms
• Strong written and verbal communication skills
• Strong documentation, analysis, and compliance management skills
• High degree of accountability, professionalism, and judgment in sensitive environments
• Ability to manage multiple systems, deadlines, and stakeholders concurrently

Responsibilities

Cloud Security & ISSO Support:

• Serve as ISSO support for cloud and hybrid information systems
• Advise system owners and technical teams on cybersecurity, compliance, and authorization requirements
• Support implementation and maintenance of required security controls
• Assist with identifying and documenting cloud security risks, gaps, and mitigation strategies
• Coordinate with technical teams to ensure cloud systems are securely configured and properly documented

RMF & Authorization Support:

• Develop, review, and maintain RMF and ATO documentation, including:
• System Security Plans
• POA&Ms
• Risk assessments
• Contingency Plans
• Security control implementation descriptions
• Hardware and software inventories
• Boundary and data flow documentation
• Support systems through authorization, reauthorization, continuous monitoring, and audit readiness activities
• Ensure security documentation accurately reflects current system conditions

Continuous Monitoring & Vulnerability Management:

• Track vulnerabilities, POA&Ms, and remediation actions through closure
• Support vulnerability and patch management reporting requirements
• Review scan results and coordinate remediation activities with technical teams
• Monitor compliance with applicable security policies, directives, and reporting timelines
• Support preparation for data calls, audits, and compliance reviews

Stakeholder Engagement & Reporting:

• Coordinate with system owners, engineers, ISSMs, and cybersecurity stakeholders
• Prepare status updates, risk summaries, and compliance reports
• Support quality reviews of security documentation and authorization packages
• Identify opportunities to improve documentation quality, process efficiency, and compliance outcomes

Compensation and Benefits:

At NDi, we value our team and are committed to retaining top talent by offering competitive benefits and compensation packages. Our employee benefits package includes comprehensive health, dental, vision, pet, and legal insurance. Our corporate benefits include 401(k) retirement matching, paid leave, paid holidays, and health and wellness programs. In addition, we provide employer-paid life and disability insurance, professional development, education benefits, and much more to ensure our team has the resources they need to thrive on and off the job.

Veterans First** Commitment:**

As a Service-Disabled Veteran-Owned Small Business (SDVOSB), NDi is dedicated to hiring veterans and providing a supportive work environment that honors their service while recognizing the unique skills and experiences they bring to our organization.

Our Commitment:

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or other characteristics protected by law.

Apply Now: Take advantage of this unique opportunity to join one of the fastest-growing companies in Federal contracting!