Senior Information Systems Security Officer (ISSO)/Information Systems Security Manager (ISSM)

CALIBRE

Aberdeen, MD

JOB DETAILS
SALARY
$150,000–$160,000
JOB TYPE
Full-time
SKILLS
Access Authorization, Amazon Web Services (AWS), Automation, Best Practices, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cisco ASA (Adaptive Security Appliance), Cloud Computing, Communication Skills, CompTIA Security+, Computer Security, Database Administration, Defense Information Systems Agency (DISA), DoD Directive 8140, DoD Directive 8570, Documentation, GSLC - GIAC Security Leadership Certificate, Government, IAM - Information Assurance Management, Information Systems Security Engineering (ISSE), Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Leadership, Maintain Compliance, Onboarding, Operational Improvement, Operational Strategy, Presentation/Verbal Skills, Product Support, Project/Program Management, Risk, Risk Analysis, Risk Management Framework (RMF), Secret Clearance, Security Analysis, Security Monitoring, ServiceNow, Software Administration, Software Development Lifecycle (SDLC), Software Installation, Standard Operating Procedures (SOP), Systems Administration/Management, Technical Support, United States Citizen, United States Department of Defense (DoD), Writing Skills
LOCATION
Aberdeen, MD
POSTED
2 days ago

CALIBRE Systems, inc., an employee-owned, mission focused solutions and digital transformation company is seeking a highly experienced and professional Information Systems Security Officer (ISSO) / Information Systems Security Manager (ISSM) to support a Department of War (DoW) cybersecurity modernization initiative focused on Risk Management Framework (RMF) execution, continuous monitoring, compliance automation, and enterprise adoption of RegScale. This role will serve as the onsite primary cybersecurity compliance lead and trusted advisor to government stakeholders, cybersecurity personnel, system owners, and senior leadership.

The successful candidate will possess considerable expertise in RMF, DoW cybersecurity policy requirements, and project management. The individual will play a critical role in driving the implementation and adoption of RegScale while ensuring compliance with federal and DoW cybersecurity standards.

This position will be performed onsite at Aberdeen Proving Grounds (APG) and will be in support of systems on the DoW SIPRNet environment.  This position will be on site.  

Responsibilities

  • Serve as the onsite lead ISSO/ISSM supporting cybersecurity authorization and compliance efforts across multiple DoW systems.
  • Lead system onboarding efforts into RegScale and support the configuration, optimization, and automation of governance, risk, and compliance (GRC) processes.
  • Act as onsite liaison between ASA(ALT) and Team CALIBRE to provide continued technical and product support for the RegScale application.
  • Installation of software and experience with databases and OS installation and configuration.
  • Provide expert guidance on all phases of the Risk Management Framework (RMF) lifecycle, including system categorization, control implementation, assessment, authorization, and continuous monitoring.
  • Act as the organization's primary subject matter expert for eMASS, ensuring accurate management of authorization packages, security controls, inheritance relationships, POA&Ms, and system artifacts.
  • Maintain the RegScale accreditation throughout the SDLC, to include develop, maintain, and review security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), Plan of Action & Milestones (POA&Ms), and Standard Operating Procedures (SOPs).
  • Coordinate with government leadership, ISSMs, ISSOs, system owners, security control assessors, and engineers to ensure compliance with DoW cybersecurity requirements.
  • Conduct RegScale and eMASS user training sessions and provide ongoing support to stakeholders throughout the authorization process.
  • Support vulnerability management activities, including ACAS review, DISA STIG compliance, remediation tracking, and POA&M management for the RegScale application.
  • Identify opportunities across ASA(ALT) and Army organizations to automate compliance activities, improve operational efficiencies, and streamline enterprise cybersecurity processes.
  • Provide executive-level reporting, risk assessments, and recommendations to government and program leadership. 
  •  


Required Skills
  • Active Secret Clearance or higher.
  • Minimum of seven (7) years of hands-on experience supporting DoW or DoD systems utilizing eMASS.
  • Minimum of seven (7) years of experience executing RMF and Assessment & Authorization (A&A) activities within DoW or DoD environments.
  • Experience serving as either ISSO, ISSM, ISSE, Security Control Assessor (SCA), Validator, or equivalent cybersecurity role.
  • Expert-level proficiency with eMASS.
  • Extensive knowledge of:
  • Strong written and verbal communication skills with the ability to interact effectively with technical and non-technical stakeholders.
  • U.S. Citizenship required.
  • Experience implementing, administering, or supporting RegScale within a federal or DoW environment.
  • Experience with GRC platforms such as ServiceNow GRC, RSA Archer, Xacta, CSAM, or similar tools.
  • Experience integrating compliance tools with workflow, ticketing, and reporting systems.
  • Experience supporting AWS or other cloud-based environments.
  • Knowledge of ACAS, STIG Viewer, and vulnerability management best practices.
  • Master's degree in Cybersecurity, Information Assurance, Information Systems, or a related discipline.


Required Experience

Candidates must possess one of the following DoD 8570/8140 IAM Level III certifications:

  • CISSP
  • CISM
  • GSLC

Preferred certifications include:

  • CGRC
  • CISA
  • Security+

Why Join CALIBRE?

This is an opportunity to lead a high-visibility cybersecurity modernization effort supporting the Department of War. You will work directly with government stakeholders to advance compliance automation, improve RMF execution, and drive enterprise adoption of next-generation GRC capabilities through RegScale while serving as a key cybersecurity leader within the organization.

 

About the Company

C

CALIBRE