Information Systems Security Officer (ISSO)
Space Dynamics Laboratory · North Logan, UT · Today
Information Technology$94k–$160k/yrFull-time
Key Responsibilities
- Ensures information systems comply with Intelligence Community Directives (ICDs), CNSSI, NIST 800-53, and the Risk Management Framework (RMF) for TS/SCI systems
- Conducts risk assessments, vulnerability management, and mitigation planning for highly classified systems
- Performs audits of log review, reduction, and analysis using Splunk to support security monitoring and investigations
- Led and executed the full Risk Management Framework (RMF) lifecycle to achieve and maintain an Authorization to Operate (ATO) for TS/SCI systems
- Oversees security operations, threat analysis, and intrusion detection in TS/SCI enclaves
- Develops and executes incident response plans, including data spill response and containment in classified environments
- Executes vulnerability scanning using tenable tools (e.g., ACAS) and analyzes results to identify, prioritize, and remediate system vulnerabilities
- Collaborates with program managers, ISSMs, ISSEs, system administrators, and engineers to ensure secure system design and operation
- Serves as a trusted advisor to leadership on IC cybersecurity requirements, emerging threats, and risk posture
- Interfaces with Government stakeholders including Authorizing Officials (AOs), Security Control Assessors (SCAs), and IC oversight teams
Required Qualifications
- Active TS/SCI clearance
- 5-10 years of experience in information systems security within IC or other highly classified environments
- DoW 8570/8140 compliant – IAT Level II and IAM Level II (or higher) required at time of hire
- Bachelor’s degree in cybersecurity, computer science, information assurance, or a related field (or equivalent experience)
- Certifications: Security+, CySA+, GSEC, SSCP, CCSP or equivalent
- Extensive knowledge of IC and DoW security frameworks: ICDs, CNSSI, NIST 800-53, RMF, JSIG, and SAP security controls
- Experience with security documentation including SSPs, POA&Ms, SARs, ISAs, MOUs, and ATO packages
- Experience supporting SCI systems, including accreditation and lifecycle management
- Experience executing Incident Response Plans, including classified data spillage remediation
- Hands-on experience with Continuous Monitoring (CONMON) activities and reporting
- Experience using Tenable tools (ACAS) for vulnerability scanning and remediation tracking
- Experience using Splunk for log analysis and security monitoring
- Ability to produce detailed technical reports for system owners and stakeholders
- Strong technical background in vulnerability management, system hardening, and secure architecture
Preferred Qualifications
- Master’s degree in cybersecurity, computer science, or a related field
- Certifications: CISSP, CISM, CISA, CGRC, CASP+, or equivalent
- Familiarity with Service Now (SNOW), eMASS, XACTA, and/or other IC authorization tools
- Experience with JSIG, ICD 503, and RMF processes
- Experience with interconnection agreements (ISA/MOU/MOA) in IC environments
- Deep understanding of multi-enclave architectures, cross-domain solutions, and classified network segmentation
- Experience assessing and articulating risk for non-implemented or inherited controls
- Strong understanding of network protocols, system architectures, and secure configurations in TS/SCI environments
- Ability to translate technical security concepts into mission-relevant risk language for leadership
- Experience working across multi-disciplinary teams including developers, engineers, and system administrators
- Demonstrated ability to work independently with minimal supervision in high-security environments