Information System Security Officer, Level 1

What you will be doing!

As an Information Systems Security Officer, you will play a key role in maintaining and enhancing the security posture of classified and sensitive information systems. You will support the implementation, coordination, and enforcement of cybersecurity policies and procedures in alignment with government and agency-specific standards. Your work will ensure systems operate securely and in compliance with the Risk Management Framework (RMF), while also supporting day-to-day operations and strategic initiatives.

Key Responsibilities:

• Provide cybersecurity support for programs, systems, or organizational enclaves
• Develop, implement, and enforce IT security policies and methodologies
• Maintain the operational security posture of systems under your purview
• Coordinate and manage security authorization processes (A&A)
• Prepare and maintain documentation including SSPs, SCTMs, POA&Ms, and Risk Assessments
• Evaluate and implement security controls to meet NIST, DoD, and IC requirements
• Perform and document vulnerability/risk assessments and baseline evaluations
• Support configuration management and assess security impact of system changes
• Initiate reauthorization or decommissioning processes as needed
• Track and close out security liens and respond to IAVAs
• Recognize, report, and respond to cybersecurity incidents and violations
• Conduct audit log reviews and continuous monitoring activities
• Deliver security awareness training and provide ongoing compliance oversight
• Collaborate with system/network admins to document data flow and system architecture
• Lead and support corrective actions when vulnerabilities are discovered
• Maintain system compliance through ongoing assessment and remediation

• Strong understanding of the NIST Risk Management Framework (RMF)
• Familiarity with security tools, encryption technologies, and communication protocols
• Knowledge of applicable IA policies, controls, and continuous monitoring strategies
• Ability to lead system authorization activities and manage security documentation
• Experience in audit log analysis and vulnerability management
• Excellent verbal and written communication skills
• Self-starter with strong problem-solving, leadership, and teamwork skills
• Availability to respond to after-hours requests in a 24/7 support environment

• Bachelor’s degree in Computer Science, Information Technology, or a related discipline from an accredited college or university
• Five (5) years of experience as an ISSO supporting systems of similar scope, type, and complexity
• Four (4) years of additional ISSO experience may substitute for the required degree

• Must meet DoD 8570 IAT Level I requirements or higher