Information System Security Officer (ISSO)

We are seeking a mid-level Information System Security Officer (ISSO) to support and manage classified and/or sensitive information systems operating under the Department of Defense (DoD) Special Access Program (SAP) environment.

The ISSO will ensure systems remain compliant with applicable cybersecurity and RMF requirements while supporting secure operations, accreditation activities, continuous monitoring, and audit readiness.

Key responsibilities include:

• Managing day-to-day cybersecurity operations for SAP information systems and networks.
• Ensuring compliance with RMF, JSIG, NIST 800-53, ICD 503, and applicable DoD cybersecurity policies.
• Supporting system accreditation activities, including authorization packages, POA&Ms, SSPs, and security control assessments.
• Maintaining continuous monitoring activities, including vulnerability management, patch management, configuration management, and audit log reviews.
• Conducting periodic security audits, inspections, and self-assessments.
• Coordinating with ISSMs, system administrators, program managers, and government customers to resolve cybersecurity findings and maintain system authorization status.
• Reviewing and evaluating hardware/software changes for security impact and compliance.
• Assisting with incident response activities, reporting, and remediation efforts.
• Supporting account management processes, media control, system access reviews, and privileged user oversight.
• Ensuring cybersecurity documentation remains accurate and current throughout the system lifecycle.
• Participating in security testing, vulnerability scanning, and remediation tracking.
• Providing cybersecurity guidance and training to system users and administrators.