Information System Security Officer (ISSO)
Job Summary
Job Description
Redhorse Corporation is seeking a skilled Information System Security Officer (ISSO) to support the 704th MI BDE at Fort Meade, MD. This role is vital for ensuring the confidentiality, integrity, and availability of sensitive information systems by implementing and maintaining security controls. The ISSO will perform risk and vulnerability assessments, conduct security architecture reviews, and manage Enterprise Mission Assurance Support Service (eMASS) records, including validating security controls and STIGs. Responsibilities include leading continuous monitoring activities, collaborating on assessment and authorization processes to maintain Authority to Operate (ATO), and communicating system status to government leads. The ISSO will also create and maintain cybersecurity policies and standards, ensure alignment with cybersecurity standards, and produce risk-based reports on security assessment results. This position requires a Bachelor's degree in a STEM field with at least 5 years of cybersecurity experience and an active TS/SCI clearance.
Must have:
- Perform ISSO duties per AR 25-2, DA 25-2-14, NIST SP 800-53
- Conduct Risk and Vulnerability Assessments
- Manage eMASS records and POA&M updates
- Lead continuous monitoring activities
- Collaborate on ATO maintenance
- Bachelor's degree in STEM with 5+ years experience
- Active TS clearance, eligible for SCI/NATO
- DoD 8140 / 8570.01-m compliance
- 7 years experience with NSS assessment and accreditation
- 5 years experience validating system security controls
- 5 years experience with vulnerability management
- 4 years experience with DISA STIGs/SRG
- 4 years experience with RMF and eMASS
- 2 years experience with POA&M tracking
- 1 year experience with continuous monitoring
Good to have:
- 5 years experience as ISSO on Army Intel programs
- 1 year experience with AC2SP tenant assessment
- Experience with large DoD contracts
- Experience leading cybersecurity teams
- Familiarity with DataBricks, GitLab, Jira
- Advanced cybersecurity certifications (CISSP, CISM)
4 skills required
Job Details
About the Organization
Now is a great time to join Redhorse Corporation. Redhorse specializes in developing and implementing creative strategies and solutions with private, state, and federal customers in the areas of cultural and environmental resources services, climate and energy change, information technology, and intelligence services. We are hiring creative, motivated, and talented people with a passion for doing what's right, what's smart, and what works.
About the Role
Redhorse is seeking a highly skilled Information System Security Officer (ISSO) to provide critical cybersecurity support to the 704th MI BDE at Fort Meade, MD. This crucial role ensures the confidentiality, integrity, and availability of sensitive information systems by implementing and maintaining robust security controls. The successful candidate will play a vital part in safeguarding national security, working alongside a team of cybersecurity professionals to protect critical military assets. This is a chance to make a significant contribution to a vital mission.
Key Responsibilities
- Perform the duties of an Information System Security Officer (ISSO) as defined in AR 25-2, DA 25-2-14, and the NIST SP 800-53 security controls when the organizationally defined personnel includes the ISSO.
- Conduct Risk and Vulnerability Assessments, perform Security Architecture Reviews and System Security Engineering while simplifying Risk Management Framework (RMF) for DoD Information Technology execution, employing innovative approaches for managing risk, and increasing the level of automation when carrying out specific tasks.
- Actively manage the organization’s Enterprise Mission Assurance Support Service (eMASS) records, including:
- Validating security controls and associated artifacts.
- Assessing security scan results and STIGs as required.
- Performing POA&M updates, tracking, and resolution.
- Lead continuous monitoring activities of the organization.
- Collaborate with the O-ISSM on all assessment and authorization activities to ensure information systems maintain an Authority to Operate (ATO) on all applicable DoD/IC networks.
- Maintain up-to-date status on all assigned systems and communicate status to Government leads.
- Maintain complete records of communications, submit written status reports as required, perform peer-review as directed, and attend weekly meetings.
- Correspond with the Government customer and system administrators to communicate any unacceptable risks identified and correct deficient POA&M items to meet DoD and IC standards.
- Coordinate with the Security Control Assessor (SCA) to perform analysis of the overall risk level the system poses to enterprise networks and mission data.
- Create and maintain cybersecurity policies and standards.
- Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
- Ensure security scans and STIG checklists are updated according to DA G2 policy.
- Produces actionable, risk-based reports on security assessment results.
- Assists with vulnerability remediation when necessary.
- Develops and maintains security plans and security testing plans.
- Periodically updates and improves risk models; metrics; reports; processes; and activities to stay compliant with evolving DoD and IC standards.
- Ensures the user community understands and adheres to necessary procedures to maintain security posture of the information systems.
- Provide guidance in the creation and maintenance of Standard Operating Procedures (SOPs); Tactics, Techniques, and Procedures (TTPs); and other similar documentation.
Required Experience/Clearance
- Bachelor’s degree in an area of Science, Technology, Engineering or Mathematics with at least 5 years’ experience as a cybersecurity professional
- Active TS security clearance and eligible for SCI and NATO read-on prior to starting work.
- Meet the DoD requirements for a privileged user on a TS/SCI information system prior to starting work - DoD 8140 / 8570.01-m requirements.
- 7 years’ experience with the assessment and accreditation activities of national security systems (NSSs)
- 5 years’ experience validating system security controls.
- 5 years’ experience with vulnerability management
- 4 years’ experience with DISA Security Technical Implementation Guides (STIGs), DISA Security Requirements Guide (SRG), and vendor-specific security guides
- 4 years’ experience with RMF and eMASS
- 2 years’ experience with POA&M tracking and resolution
- 1 year experience performing the continuous monitoring of system security controls.
- 5 years’ experience as an ISSO on Army Intel programs
- 1 year experience with AC2SP tenant assessment and accreditation activities
- Experience working on large Department of Defense contracts.
- Experience leading a team of cybersecurity professionals.
- Familiarity with DataBricks, GitLab, or Jira.
- Advanced certifications in cybersecurity (e.g., CISSP, CISM).
Accommodations:
If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to access job openings or apply for a job on this site as a result of your disability. You can request reasonable accommodations by contacting Talent Acquisition at Talent-Acquisition@redhorsecorp.com
Redhorse Corporation shall, in its discretion, modify or adjust the position to meet Redhorse’s changing needs.
This job description is not a contract and may be adjusted as deemed appropriate in Redhorse’s sole discretion.
Similar Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
Similar Skill Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
Jobs in Fort Meade, Maryland, United States
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
Similar Category Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
