Information Systems Security Officer (ISSO)
Onyx Government Services · Scott AFB, IL · 1 mo ago
On-siteInformation TechnologyFull-time
About the role
The ISSO / RMF Engineer owns TRDM's ATO lifecycle. Maintains eMASS package, manages POA&Ms, executes IAVM, runs STIG/ACAS scans, and integrates security across the SDLC. Supports cyber incident reporting per PWS §5 (72-hour timeline).
Responsibilities
- Maintain TRDM Authority to Operate (ATO) in eMASS
- Produce evidence/artifacts for all applicable NIST 800-53 controls (95% quality threshold per PWS)
- Execute IAVM program; coordinate with 375th ESS and AMC/A6
- Run STIG/SRG, ACAS, and Fortify scans; remediate findings
- Maintain POA&M; track milestones and risk acceptance
- Lead annual security review (ASR)
- Report cyber incidents within 72 hours
- Support continuous monitoring per FedRAMP and DoD policy
Requirements
- Active SECRET clearance
- US Citizen
- Bachelor's degree
- CISSP
- DoD 8570 IAT-II
- 7+ years cybersecurity / RMF
- 3+ years as ISSO on DoD systems
- Hands-on eMASS experience
Qualifications
- CAP
- DoD Zero Trust experience
- FedRAMP experience
- Prior USTRANSCOM or AMC RMF experience
Skills
- Active SECRET clearance
- US Citizen
- Bachelor's degree
- CISSP
- DoD 8570 IAT-II
- 7+ years cybersecurity / RMF
- 3+ years as ISSO on DoD systems
- Hands-on eMASS experience
Benefits
- On-site primary; off-site permitted for unclassified work where noted.
Pay
TBD
Schedule
Not specified