ISSO Specialist

Job Description

This position is 100% onsite due to the nature of the work and requires working primarily in a closed space. The role will require flexibility to support mission needs, including occasional off-hours, weekend work, and on-call rotations to meet operational or inspection deadlines.

The ISSO Specialist develops and maintains an information systems (IS) security program and policies for the assigned area of responsibility. The role includes developing and overseeing operational IS security implementation policies and guidelines, monitoring resources for system vulnerabilities, and ensuring system recovery processes restore and maintain security functionality.

Responsibilities include conducting security assessments, tests, and reviews, managing incidents or vulnerabilities affecting classified systems, enforcing configuration management policies, and ensuring compliance with the System Security Plan (SSP). The ISSO will also develop and maintain POA&Ms, identify IS weaknesses, manage corrective actions, and ensure user activity monitoring data is properly analyzed and protected.

Key Responsibilities:

· Support Air Force Programs with mid-level experience preferred

· Assist and support necessary compliance activities (e.g., ensure system security configuration guidelines are followed, compliance monitoring occurs)

· Continuously validate the organization against applicable policies, procedures, and regulations

· Ensure remediation plans are in place for vulnerabilities identified during audits or inspections

· Promote security awareness among management and staff

· Track audit findings and ensure appropriate mitigation actions

· Recommend resource allocations to securely operate and maintain cybersecurity requirements

· Provide technical documentation, incident reports, and situational awareness updates

· Support Program Managers and ISSM in developing and maintaining SSPs, POA&Ms, and other RMF artifacts

· Conduct vulnerability scanning, configuration assessments, and remediation

· Lead IT security priorities aligned with organizational security strategy

· Prepare for and participate in compliance assessments

· Interpret noncompliance patterns to assess risk and overall cybersecurity effectiveness

Education and Certifications

· BS degree preferred (not required)

· Security+ (DoD 8570 IAT Level II) certification required

Other Requirements

· Active Top Secret clearance with SCI eligibility (CI Polygraph may be required)

· Must be available for occasional off-hours and weekend work

· Onsite position, 5 days per week

· Interview Process:

· Initial phone screen

· Extensive Zoom interview with team members

Get Application Updates

Email: [email protected] / [email protected]

What Else Are You Looking for in a Candidate? (Qualifications and Skills)

Must Have:

· System Auditing – 4 years

· Regulatory & Compliance – 4 years

· STIGs/SCAP – 4 years

· Assessing Security Controls (CS105.16) – 4 years

· Assessment and Authorization – 4 years

· Authorizing Systems (CS106.16) – 4 years

· Categorization of the System (CS102.16) – 4 years

· Continuous Monitoring (CS200.16) – 4 years

· Implementation of Controls (CS104.16) – 4 years

· Monitoring Security Controls (CS107.16) – 4 years

· NIST 800-53 – 4 years

· NIST SP 800-37 – 4 years

· Risk Management Framework (RMF) – 4 years

· Selecting Security Controls (CS103.16) – 4 years

· Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security) – Required

Nice to Have:

· Bachelor’s Degree – Yes

· HBSS – 0 years

· NIST 800-171 – 0 years

Job Type: Contract

Pay: $80.00 per hour

Expected hours: 40 per week

Work Location: In person