Senior Information Systems Security Officer (ISSO)
Independent Software, Inc. · Ellicott City, MD · 1 wk ago
Information TechnologyFull-time
Key Responsibilities
- Manage daily security operations for information systems ensuring compliance with Department of Defense and Intelligence Community cybersecurity policies, directives, and frameworks
- Support and enforce information assurance initiatives across programs, systems, and enclaves to strengthen overall security posture
- Conduct vulnerability and risk assessments to support accreditation decisions and ensure system integrity throughout development and sustainment
- Administer configuration control for security software, hardware, and firmware ensuring all changes are evaluated for potential security impacts
- Create and maintain critical security documentation including: – System Security Plans (SSPs) – Risk Assessment Reports (RARs) – Plan of Actions and Milestones (POA&Ms) – Certification and Accreditation Packages – System Requirements Traceability Matrices (SRTMs)
- Lead system authorization efforts in accordance with the Department of Defense Risk Management Framework process and legacy NISCAP standards ensuring timely submission and approval of security artifacts
- Evaluate, implement, and maintain security solutions for classified processing environments ensuring compliance with required controls and standards
- Utilize and manage agency-specific security tools such as Latteart, Biscoti, Xacta, ACAS, Nessus, or similar platforms for monitoring, assessment, and reporting
- Provide technical expertise in security policies, procedures, and countermeasures to protect systems from unauthorized access or compromise
- Work directly with system administrators, engineers, and program leadership to resolve security issues and embed cybersecurity best practices across all project phases
- Assess current security processes, identify vulnerabilities, and develop proactive solutions to strengthen the organization’s cybersecurity posture
Required Skills And Qualifications
- Ability to interpret and apply Department of Defense, National Institute of Standards and Technology, and Intelligence Community security standards including NIST SP 800-53, CNSSI 1253, and DoDI 8510.01
- Skilled in Risk Management Framework steps 1 through 6, risk mitigation, and continuous monitoring
- Experience implementing and validating technical controls for operating systems, applications, and network devices
- Hands-on experience with vulnerability scanners, audit tools, and enterprise security management systems such as ACAS, Nessus, or comparable tools
- Familiarity with customer security tools, repositories, playbooks, and compliance guidelines
- Operational understanding of server technologies, information assurance practices, and networking protocols and services
- Strong written and verbal communication skills with the ability to brief stakeholders and leadership
- Prior exposure to infrastructure provisioning or configuration management tools (e.g., Ansible, Terraform)
Education And Experience
- Bachelor’s degree in computer science, Information Security, Information Assurance, or related technical discipline
- In lieu of a degree, an additional four years of relevant experience may be substituted
- Minimum of twelve or more years of professional experience in cybersecurity, information assurance, or systems security engineering
- Minimum of ten or more years of ISSO or equivalent experience supporting Department of Defense or Intelligence Community programs of similar scope, type, and complexity
- Certifications: DoD 8140.03 compliance with IAM Level II or IAT Level III (CASP, CISSP, or Associate)
Why Choose Independent Software?
- People-focused culture with collaboration, integrity, and innovation at the core
- Ongoing training, mentorship, and career development opportunities
- Competitive compensation, generous benefits, and work-life balance