Information Systems Security Officer
Base-2 Solutions · Annapolis Junction, MD · 2 days ago
Information TechnologyFull-time
Job Description
Base-2 Solutions is seeking an Information Systems Security Officer (ISSO) to ensure the security posture of mission-critical systems by supporting compliance efforts, managing risk, and enforcing security policies.
Responsibilities
- Ensures system compliance with federal, DoD, and IC cybersecurity regulations and standards, including NIST, ICD 503, CNSS, and RMF.
- Maintains and updates security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), Plan of Action and Milestones (POA&Ms), and Continuous Monitoring Plans.
- Collaborates with Information Systems Security Engineers (ISSEs), system administrators, and program managers to integrate security requirements into system lifecycle.
- Facilitates and oversees system authorization activities in accordance with the Risk Management Framework (RMF) process.
- Maintains and reports on system security posture, incident response, and remediation efforts.
- Conducts risk assessments and vulnerability analysis, providing recommendations for mitigating identified risks.
- Provides security awareness training to system users and enforces proper security practices.
- Acts as a liaison between the organization and government customers, ensuring timely communication of security updates and issues.
Requirements
- Strong knowledge of security regulations.
- Adaptable and excellent communication skills.
Qualifications
- Security certifications such as CISSP, CAP, Security+, CISM, CEH, AWS Security Specialty.
- Experience with security frameworks and policies: NIST SP 800-53, RMF, ICD 503, CNSS, DoD STIGs, FISMA, FedRAMP.
- Experience managing security documentation: SSPs, POA&Ms, Security Controls Assessment (SCA) artifacts, SARs, SCTM.
- Knowledge of security technologies: Firewalls, SIEMs, VPNs, IDS/IPS, DLP, PKI, Multi-Factor Authentication.
- Experience with operating systems: Windows, Linux, Unix, macOS.
- Experience with Cloud environments (AWS, Azure, Google Cloud) and cloud security controls.
- Familiarity with vulnerability scanning, security testing, incident response processes.
- Collaboration tools like JIRA, Confluence, ServiceNow.
Benefits
- Competitive fixed salary or hourly pay (based on experience, skills, location, and internal equity).
- Employee referral bonuses up to $10,000 per hired referral.
- Additional bonus opportunities for exceptional performance and contributions to business development and company growth (role-dependent).
- Health: 100% company-paid medical premiums for employees and eligible dependents.
- Dental: 100% company-paid dental premiums for employees and eligible dependents.
- Vision: 100% company-paid vision premiums for employees and eligible dependents.
- Income Protection: 100% company-paid premiums for short-term disability, long-term disability, accidental death & dismemberment (AD&D), and life insurance up to $200,000.
- Retirement: 401(k) with immediate vesting: 4% company match plus a 4% non-elective company contribution (8% total). 401(k) pre-tax and Roth options.
- Leave: Up to 20 days of flexible paid time off (PTO). 11 paid floating holidays.
- Work-Life Balance: Flexible work schedules, including flex time and compressed work periods (contract and project-dependent).