Information Systems Security Officer (ISSO)
MDAEdge · Huntsville, AL · 1 mo ago
On-siteOTHRFull-time
Key responsibilities
- Support system authorization, continuous monitoring, and compliance activities for classified (SAP) environments, ensuring adherence to DoD security requirements and risk management frameworks.
- Perform verified risk assessments for all security controls, aligned with Joint SAP Implementation Guide (JSIG) methodologies.
- Develop and maintain artifacts for Control Validation Tests (CVTs) to confirm compliance with Authorizations to Operate (ATOs) for SAP packages.
- Monitor and assist with the implementation of required security controls across systems and environments.
- Conduct hands‐on audits of Windows and Linux systems and interpret and apply Security Technical Implementation Guides (STIGs).
- Monitor and validate patch management activities and endpoint security controls.
- Manage and monitor Plans of Action and Milestones (POA&Ms), ensuring timely remediation and tracking.
- Develop security metrics and reporting artifacts for stakeholders, including leadership and compliance teams.
Required skills and knowledge
- Strong experience as an Information System Security Officer (ISSO) or in a similar cybersecurity / security compliance role.
- Proficiency working with Windows and Linux operating systems.
- Experience using SolarWinds Security Event Manager (SEM) or similar SIEM/logging tools.
Nice-to-have/desired qualifications
- Demonstrated experience performing security assessments, audits, and STIG compliance work.
- Familiarity with DoD security policies, SAP, ATO processes, and risk‐management frameworks.
- Experience supporting environments with 10% travel requirements.