Information System Security Officer (ISSO)

Job Title: Information System Security Officer (ISSO)

Certification Required: Active CompTIA Security

Location: Remote

Position Type: Full-Time

Job Summary:

We are seeking a seasoned Information System Security Officer (ISSO) with a minimum of eight (8) years of demonstrated experience supporting cybersecurity and compliance efforts within a U.S. Government Agency or the Department of Defense (DoD). The ideal candidate must hold an active CompTIA Security certification and possess in-depth knowledge of federal security standards including NIST 800-53 FISMA RMF and FedRAMP requirements. This role is critical in ensuring systems are secure compliant and aligned with government cybersecurity mandates.

Key Responsibilities:

• Serve as the ISSO for assigned systems ensuring adherence to federal and DoD cybersecurity policies and procedures.
• Implement and maintain security controls in alignment with the Risk Management Framework (RMF).
• Ensure system security documentation (SSP POA&M SAR etc.) is current and accurate.
• Coordinate and support system security audits ATO (Authority to Operate) processes and continuous monitoring activities.
• Monitor security posture through security tools audit logs and vulnerability scanning tools (e.g. Nessus ACAS).
• Liaise with system owners developers and administrators to ensure proper security configurations and controls are in place.
• Participate in security incident response analysis and reporting as required.
• Conduct periodic security assessments and provide risk mitigation recommendations.
• Maintain up-to-date knowledge of cybersecurity threats trends and best practices in federal environments.
• Train and guide technical staff on security best practices and compliance requirements.

Required Qualifications:

• Minimum of 8 years of ISSO experience within a U.S. Government Agency or DoD environment.
• Active CompTIA Security certification (must be current).
• Deep knowledge of NIST SP 800-53 RMF FISMA and other federal cybersecurity compliance frameworks.
• Experience with the development and maintenance of security documentation and ATO packages.
• Familiarity with SIEM vulnerability scanning and continuous monitoring tools.
• Strong understanding of system security access controls network security and incident response.
• Excellent documentation communication and stakeholder engagement skills.

Preferred Qualifications:

• Additional certifications such as CISSP CISM CAP CEH or CISA.
• Experience with FedRAMP systems and cloud security assessments.
• Familiarity with eMASS XACTA or other A&A platforms.
• Prior experience supporting civilian and DoD agencies.