Jobs · Information Technology · Maryland

Senior Information Systems Security Officer (ISSO)

Independent Software, Inc. · Ellicott City, MD · 1 wk ago
Information TechnologyFull-time

Key Responsibilities

  • Manage daily security operations for information systems ensuring compliance with Department of Defense and Intelligence Community cybersecurity policies, directives, and frameworks
  • Support and enforce information assurance initiatives across programs, systems, and enclaves to strengthen overall security posture
  • Conduct vulnerability and risk assessments to support accreditation decisions and ensure system integrity throughout development and sustainment
  • Administer configuration control for security software, hardware, and firmware ensuring all changes are evaluated for potential security impacts
  • Create and maintain critical security documentation including: – System Security Plans (SSPs) – Risk Assessment Reports (RARs) – Plan of Actions and Milestones (POA&Ms) – Certification and Accreditation Packages – System Requirements Traceability Matrices (SRTMs)
  • Lead system authorization efforts in accordance with the Department of Defense Risk Management Framework process and legacy NISCAP standards ensuring timely submission and approval of security artifacts
  • Evaluate, implement, and maintain security solutions for classified processing environments ensuring compliance with required controls and standards
  • Utilize and manage agency-specific security tools such as Latteart, Biscoti, Xacta, ACAS, Nessus, or similar platforms for monitoring, assessment, and reporting
  • Provide technical expertise in security policies, procedures, and countermeasures to protect systems from unauthorized access or compromise
  • Work directly with system administrators, engineers, and program leadership to resolve security issues and embed cybersecurity best practices across all project phases
  • Assess current security processes, identify vulnerabilities, and develop proactive solutions to strengthen the organization’s cybersecurity posture

Required Skills And Qualifications

  • Ability to interpret and apply Department of Defense, National Institute of Standards and Technology, and Intelligence Community security standards including NIST SP 800-53, CNSSI 1253, and DoDI 8510.01
  • Skilled in Risk Management Framework steps 1 through 6, risk mitigation, and continuous monitoring
  • Experience implementing and validating technical controls for operating systems, applications, and network devices
  • Hands-on experience with vulnerability scanners, audit tools, and enterprise security management systems such as ACAS, Nessus, or comparable tools
  • Familiarity with customer security tools, repositories, playbooks, and compliance guidelines
  • Operational understanding of server technologies, information assurance practices, and networking protocols and services
  • Strong written and verbal communication skills with the ability to brief stakeholders and leadership
  • Prior exposure to infrastructure provisioning or configuration management tools (e.g., Ansible, Terraform)

Education And Experience

  • Bachelor’s degree in computer science, Information Security, Information Assurance, or related technical discipline
  • In lieu of a degree, an additional four years of relevant experience may be substituted
  • Minimum of twelve or more years of professional experience in cybersecurity, information assurance, or systems security engineering
  • Minimum of ten or more years of ISSO or equivalent experience supporting Department of Defense or Intelligence Community programs of similar scope, type, and complexity
  • Certifications: DoD 8140.03 compliance with IAM Level II or IAT Level III (CASP, CISSP, or Associate)

Why Choose Independent Software?

  • People-focused culture with collaboration, integrity, and innovation at the core
  • Ongoing training, mentorship, and career development opportunities
  • Competitive compensation, generous benefits, and work-life balance

Similar jobs