Information Systems Security Officer (ISSO) - Senior

Modern Technology Solutions, Inc.

Dayton, United States of America

1 month ago

Role details

Contract type

Permanent contract

Employment type

Full-time (> 32 hours)

Working hours

Regular working hours

Languages

English

Experience level

Senior

Job location

Dayton, United States of America

Tech stack

Microsoft Windows

Amazon Web Services (AWS)

Cloud Computing Security

Configuration Management

CompTIA Security+

Computer Security

Information Systems

Linux

Document Management Systems

Intrusion Detection and Prevention

Python

Network Security

Powershell

SAP Applications

Security Information and Event Management

Scripting (Bash/Python/Go/Ruby)

Software Security

Firewalls (Computer Science)

Nessus

Operational Systems

Splunk

Vulnerability Analysis

VMware

Job description

Modern Technology Solutions Inc. is seeking a highly experienced Information Systems Security Officer (ISSO) to lead cybersecurity efforts for an AFLCMC program office. This role focuses on ensuring compliance with laws, regulations, and security requirements while implementing strategic and technical cybersecurity solutions. Responsibilities include assessing system confidentiality, integrity, and availability, evaluating threats and vulnerabilities, developing Plans of Action and Milestones (POA&M), and submitting authorization packages. Additionally, the ISSO will collaborate with development teams to design, integrate, and enhance information systems while recommending mitigation strategies for emerging security challenges. The ideal candidate will bring expertise in the Risk Management Framework (RMF), system administration, and program management. This hybrid position requires managing systems at the Secret, SCI, and SAP levels while balancing strategic governance and hands-on technical maintenance. The candidate must effectively engage with stakeholders ranging from end-users to Authorizing Officials (AO) while maintaining a resilient cybersecurity posture in response to evolving threats.

Responsibilities:

Security Policy Implementation: Develop, implement, and enforce security policies, standards, and procedures to ensure the protection of information systems.
Configuration Management: Ensure that all information systems are configured securely according to organizational policies and best practices.
System Patching: Perform system patching in response to IAVAs and other security findings and requirements
Risk Management: Conduct risk assessments to identify and mitigate potential security threats. Assess the impact of changes in the IT environment and update the risk management framework accordingly.
Security Compliance: Ensure that information systems comply with relevant government and industry standards, such as NIST, FISMA, and DoD regulations. Prepare and maintain documentation to demonstrate compliance.
Continuous Monitoring: Implement continuous monitoring processes to detect and respond to security vulnerabilities and threats. Utilize tools like SIEM (Security Information and Event Management) to monitor system activities.
Security Audits: Conduct regular security audits and assessments to evaluate the effectiveness of security measures and identify areas for improvement.
Collaboration: Work closely with other IT and security professionals to ensure a coordinated approach to cybersecurity. Liaise with external stakeholders, such as auditors and regulatory bodies, as needed.
Documentation: Maintain comprehensive documentation of security policies, procedures, and measures taken to secure information systems. Prepare reports for management on security status and incidents.
Security Enhancements: Recommend and implement security enhancements to improve the overall security posture of the organization. Stay updated with the latest security trends and technologies.
Oversee the efforts of less senior staff and/or be responsible for the efforts of all staff assigned to a specific job.

Requirements

Security Clearance:

o Must be a U.S. Citizen

o Active Top-Secret Security Clearance with ability to obtain SCI

Certifications and Technical Expertise/Experience:

o Certifications required: COMPTIA Security + / CISSP

o DESIRED AWS certification (e.g., AWS Solutions Architect Associate or Professional)

Education:

o A Master of Arts/Master of Science/Master of Engineering MA/MS/ME degree

o Years of experience may be considered in lieu of a masters degree

Experience:

o Have no less than three (3) years' experience in a Special Access Program (SAP) and/or Sensitive Compartmented Information (SCI) environment within the last five (5) years

o Possess minimum of 10 years of relevant work experience

o Minimum of 2-5 years of experience in ISSO roles

o Proficiency in using security tools and technologies, such as firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection.

o Knowledge of network security, application security, and endpoint security principles.

o Understanding of operating systems (Windows, Linux, etc.) and their security configurations.

o Familiarity with cloud security best practices

o Familiarity with RMF process

o Experience with Spunk or other similar applications

o Experience with security compliance and regulatory requirements.

o Strong analytical and problem-solving abilities.

o Capability to analyze complex security issues and develop practical solutions.

o Excellent written and verbal communication skills.