Aerospace and Defense, Air Force, Analysis Skills, Change Management, Computer Forensics, Computer Security, Configuration Management, Detail Oriented, Disaster Recovery, Documentation, Incident Response, Information Technology & Information Systems, Internet Security, Interpersonal Skills, Leadership, Maintain Compliance, Network Design, Network Support, Operations Management, Operations Planning, Operations Security (OPSEC), Risk Analysis, Risk Management, Risk Management Framework (RMF), Secret Clearance, Security Analysis, Security Auditing, Security Monitoring, Systems Administration/Management, Team Player, Testing, Time Management, United States Citizen, United States Department of Defense (DoD)
JOURNEYMAN INFORMATION SYSTEM SECURITY OFFICER (ISSO)
LOCATION: Hill AFB, Utah
JOB STATUS: Full-time
CLEARANCE: Secret
TRAVEL: Limited, as needed
Astrion has an exciting opportunity for a Journeyman Information System Security Officer (ISSO)located at the Hill AFB in Ogden Utah to support the Aerospace Dominance Enabler Division (AFLCMC/C3BM).
This role supports the protection, accreditation, and ongoing security posture of Air Force information systems. In this role, you will work closely with the Information System Security Manager (ISSM) to ensure systems meet all DoD and Air Force cybersecurity requirements, align with the Risk Management Framework (RMF), and maintain the confidentiality, integrity, and availability of critical networks and data.
You will conduct risk assessments, support accreditation activities, evaluate system security controls, and help enforce policies, configurations, and user access standards. Additional responsibilities include monitoring for vulnerabilities, assisting with incident response actions, maintaining compliance artifacts, and supporting secure system design efforts.
This position requires strong attention to detail, a commitment to cybersecurity excellence, and the ability to collaborate across technical and leadership teams.
REQUIRED QUALIFICATIONS / SKILLS
- Must have and be able to maintain and active Secret clearance
- Must be a US citizen
PREFERRED QUALIFICATIONS / SKILLS
Education: Bachelor’s or Master’s Degree in a related field and at least 3 years of experience discipline being performed, 3 of which must be in the DoD, OR 7 years of directly related experience, 5 of which must be in the DoD.
Certifications: IAT Level II (Security+, GSEC, CCNA-Security, Certified Systems Security Professional (CISSP), or equivalent certification)
- Must maintain required cybersecurity certifications in accordance with AFMAN 17‑1303.
Technical Skills
- Experience supporting Risk Management Framework (RMF) activities and cybersecurity compliance
- Experience using eMASS for authorization packages, artifact management, and accreditation support
- Vulnerability assessment and risk mitigation analysis
- STIG/SRG implementation and configuration management
- Security audits, assessments, and incident response support
- Information system security and operational security posture management
- Secure system and network design support in DoD environments
Interpersonal Skills:
- Ability to develop innovative approaches to complex test problems
- Strong attention to quality, adequacy, and completeness of test results and conclusions
- Ability to deliver thorough, timely, and efficient task execution
- Ability to provide clear analysis and recommendations to program test leadership
RESPONSIBILITES
Duties may include, but are not limited to:
- Ensure all systems and applications meet DoD and Air Force cybersecurity requirements as directed by the Information System Security Manager (ISSM).
- Protect the confidentiality, integrity, and availability of systems, networks, and data by developing, implementing, and maintaining cybersecurity programs, policies, procedures, and security tools.
- Support all Risk Management Framework (RMF) authorization and accreditation activities, including configuration, artifact creation, documentation, and compliance reviews.
- Assist the ISSM in performing risk and vulnerability assessments on planned and operational information systems, identifying security gaps and recommending mitigation actions.
- Conduct security evaluations, audits, and reviews; support development of system contingency and disaster recovery plans; and promote user compliance with cybersecurity policies and training requirements.
- Participate in system and network design efforts to ensure appropriate security controls and RMF activities are incorporated from the start.
- Assist in the collection, analysis, and preservation of digital evidence related to cybersecurity incidents or policy violations.
- Maintain the operational security posture of assigned IT systems, monitor situational awareness, and implement actions to improve or restore cybersecurity resilience.
- Enforce Air Force cybersecurity policies, procedures, configuration guidelines (e.g., STIGs/SRGs), and change management processes.
- Maintain and audit authorized user access documentation and ensure users meet clearance, need‑to‑know, and annual training requirements.
- Report security incidents or vulnerabilities to the ISSM and support implementation of corrective or protective measures.
- Initiate and track exceptions, deviations, or waivers to cybersecurity requirements as needed.
#CJ
"Hanscom Campaign"
A
Astrion
We are the transformative evolution of two prominent government services firms, ERC and Oasis Systems, each bringing with them a rich legacy of dedicated service to our nation’s Defense and Federal communities.
The company brings together 2,800 employees focused on Cybersecurity, Digital Solutions, Mission Support, and Systems Engineering serving customers in more than 36 states across the U.S. with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA.
Our resources, deep expertise, and adaptable solutions will enable us to scale and expand development and engineering capabilities for Defense and Federal communities.