Information Systems Security Officer (ISSO)
Sev1Tech LLC · Denver, CO · 1 wk ago
Information Technology$112k–$139k/yrFull-time
About the role
Entarian is seeking an experienced Information Systems Security Officer (ISSO) to support the cybersecurity compliance, accreditation, and day-to-day security operations of assigned information systems in accordance with applicable government policies, cybersecurity standards, and Risk Management Framework (RMF) requirements. The ISSO works closely with the Information System Security Manager (ISSM), Information System Security Engineers (ISSEs), system administrators, engineers, and government stakeholders to ensure information systems remain compliant, secure, and authorized throughout the system life-cycle.
Responsibilities
- Serve as the Information Systems Security Officer (ISSO) for assigned information systems, ensuring compliance with applicable cybersecurity policies, procedures, and government requirements.
- Support implementation and execution of the Risk Management Framework (RMF) life-cycle, including system categorization, security control implementation, assessment, authorization, and continuous monitoring.
- Support Authorization to Operate (ATO), Authorization to Connect (ATC), Interim Authorization to Test (IATT), and system reauthorization activities by preparing and maintaining required cybersecurity documentation.
- Maintain System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), security control implementation documentation, continuous monitoring artifacts, and other RMF deliverables.
- Monitor system security posture through vulnerability assessments, configuration reviews, security compliance checks, and continuous monitoring activities.
- Coincide vulnerability remediation activities with system administrators, engineers, and technical teams to resolve cybersecurity findings and maintain compliance.
- Review proposed system changes, software releases, configuration changes, and architecture updates to assess cybersecurity impacts and support accreditation requirements.
- Conduct periodic security audits, self-assessments, and compliance reviews to verify implementation of required security controls.
- Coincide with security control assessments, inspections, audits, and government cybersecurity reviews.
- Coincide with the ISSM, ISSEs, system owners, Authorizing Official (AO), Security Control Assessor (SCA), and other stakeholders regarding system authorization status, security findings, and compliance activities.
- Aid in cybersecurity incident reporting, documentation, investigation support, and corrective action tracking.
- Support security awareness activities and provide cybersecurity guidance to system users and project teams.
- Prepare technical documentation, status reports, compliance metrics, and executive briefings supporting program leadership and government customers.
Qualifications
- Active Top Secret security clearance with SCI eligibility.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related technical discipline. Equivalent experience may be considered.
- Minimum five (5) years of experience serving as an Information Systems Security Officer (ISSO) or supporting cybersecurity compliance for Department of Defense, Intelligence Community, or federal information systems.
- Demonstrated experience supporting the Risk Management Framework (RMF) in accordance with NIST SP 800-37, NIST SP 800-53, and applicable DoD cybersecurity guidance.
- Experience supporting Authorization to Operate (ATO), Authorization to Connect (ATC), Interim Authorization to Test (IATT), or other government system authorization activities.
- Familiarity with vulnerability management, security control implementation, configuration management, and cybersecurity compliance activities.
- Experience coordinating with system administrators, systems engineers, software developers, ISSMs, and government cybersecurity organizations.
- Working knowledge of enterprise operating systems, networking, cloud environments, and information security technologies.
- DoD 8140 (or legacy DoD 8570) compliant cybersecurity certification such as Security+, SSCP, GSEC, CISSP, CAP, or other qualifying certification.
- Strong written and verbal communication skills with the ability to prepare technical documentation and communicate cybersecurity requirements to technical and non-technical stakeholders.
- Proficiency with Microsoft Office Suite, including Word, Power-Point, Excel, Project, and Outlook.
- Ability to travel approximately 25% to support customer locations, cybersecurity assessments, mission partner engagements, and operational activities.
Pay
$112,000.00 - $139,000.00