Information Systems Security Officer ISSO

Company Overview
Development InfoStructure LLC.(Devis)is a leading provider of innovative software development management and consulting services specializing in cuttingedge technologies such as DevSecOps AI and Machine Learning. With over 30 years of experience as a small business we have established ourselves as a trusted partner for government agencies delivering tailored missioncritical solutions that drive digital transformation and operational excellence. Our clientcentric approach coupled with our deep domain expertise and technical prowess enables us to forge enduring relationships and consistently deliver highimpact adaptive solutions that resonate with the unique needs of the public sector.

Our primary mission is to best serve the needs of our clients by solutioning with our stakeholder teams to ensure that the goals and objectives of our customers are proactively solutioned such that opportunities to invest our time in developing longterm solutions and assets are abundant and move our clients forward efficiently.

At Devis we are enthusiastic about our research our work and embracing an environment where all are supported in the mission while maintaining a healthy worklife balance.

Overview

As a midlevel ISSO you will play a key role in supporting Multilevel Security (MLS) implementation cybersecurity risk management compliance activities and system accreditation support. You will serve as an advisor on MLS solutions security documentation policy interpretation and continuous monitoring of system security postures. This position requires a proactive and organized professional who thrives in a fastpaced environment and works collaboratively with stakeholders across technical and security teams.

You will be the primary point of contact for maintaining and monitoring system security documentation including Security System Plans (SSPs) Plans of Actions and Milestones (POA&Ms) security procedures and network architecture diagrams. You will provide expertise to support IRM TRB processing Security Impact Assessment (SIA) packages and security policy enforcement under evolving federal cybersecurity directives including NIST SP 80053 Rev 5 and M2209. This role is fulltime onsite with a flexible work schedule.

Responsibilities

• Analyze and define security requirements for Multilevel Security (MLS) systems and environments
• Design engineer and implement technical solutions to meet MLS and system security requirements
• Conduct risk analyses and assessments documenting findings and recommendations
• Develop and update security documentation including standards policies SOPs and architecture diagrams
• Serve as the primary Point of Contact (POC)for:
  • Security Impact Assessment (SIA) packages for the Network Operations Center (NOC).
  • IRM ITCCB submissions and tracking.
  • Monthly quarterly and annual ISSO checklist deliverables.
  • Updates to System Security Plans (SSPs) and POA&M entries.
  • Monitoring cybersecurity scorecard metrics.
• Participate in governance and compliance activities including IRB CCB A&A and M2131 policy meetings.
• Provide secondary support for:
  • Transition to NIST SP 80053 Rev 5 controls.
  • Implementation of M2209 Zero Trust cybersecurity principles.
  • Transition from General Support System (GSS) to AWShosted infrastructure.
  • Supply Chain Risk Management control family establishment.
  • Compliance with FAN/FAH guidance and Binding Operational Directives
• Support the preparation and maintenance of A&A packages and system compliance documentation.
• Respond to taskers and special projects as assigned.

Required Skills and Qualifications

• BA/BS inInformation Systems Cybersecurity or a related field.
• 57 years of handson experience in system security risk analysis and compliance.
• Experience implementing and maintaining security documentation in accordance with RMF and NIST guidance
• Working knowledge of FedRAMP FISMA and DHS cybersecurity compliance frameworks
• Familiarity with AWS security practices and cloud compliance strategies
• Understanding of Zero Trust Architecture and its application in federal environments
• Experience using governance tools (e.g. eMASS Xacta ServiceNow GRC)
• Excellent organizational and tracking skills especially for POA&M and control implementation statuses
• Demonstrated ability to interpret federal policy and translate into actionable security tasks
• Experience with the Federal government preferably with DOS

• Must be a U.S. Citizen with the ability to obtain and maintain a Secret clearance.
• Active Secret Clearance.

Additional Perks/Benefits

• Competitive Salary Compensation
• 401k Retirement Contribution Savings Plan

Devis is an AA/EOE/M/F/Disabled/VET Employer committed to providing equal employment opportunity without regard to an individuals race color religion age gender sexual orientation veteran status national origin or disability.