Information System Security Officer (ISSO)

OSAAVA Services is seeking an Information System Security Officer (ISSO) to support cybersecurity compliance and Risk Management Framework (RMF) activities for classified mission systems within Department of Defense environments.

This role serves as a critical part of the cybersecurity compliance process, supporting security control validation, RMF artifact management, vulnerability remediation tracking, and continuous monitoring activities to ensure systems remain secure, compliant, and audit-ready.

The selected candidate will work closely with system administrators, engineers, and cybersecurity teams to support authorization activities, system accreditation efforts, and ongoing security posture monitoring across classified systems.

The ideal candidate brings experience supporting RMF implementation within DoD or classified environments, with strong attention to documentation, compliance requirements, and cybersecurity processes., * Validate and assess security control implementation and effectiveness across mission systems

• Collect, maintain, and manage RMF artifacts and evidence repositories
• Track vulnerabilities and remediation actions through closure
• Support continuous monitoring activities and cybersecurity posture reporting
• Assist with development and maintenance of System Security Plans (SSPs)
• Support preparation for cybersecurity inspections, audits, CCRIs, and SAVs
• Identify security control deficiencies and support corrective action planning
• Coordinate with system administrators and engineers to implement security controls
• Maintain documentation repositories and ensure artifact accuracy and completeness
• Support Authorization to Operate (ATO) and ATO renewal activities
• Provide regular security compliance and status reporting to program leadership
• Support incident response activities and security impact assessments

• Experience performing ISSO functions within DoD or classified environments
• Strong understanding of Risk Management Framework (RMF) processes and security control validation
• Experience supporting vulnerability tracking and remediation activities
• Strong documentation, organizational, and artifact management skills
• Experience maintaining RMF evidence repositories and compliance documentation
• Strong communication and coordination skills across technical teams
• Ability to operate effectively within mission-critical classified environments, * Experience supporting NC3, DRSN, or STRATCOM-aligned mission systems
• Prior experience supporting CCRI or SAV cybersecurity inspections
• Familiarity with classified system compliance requirements
• Relevant cybersecurity certifications such as Security+, SSCP, or equivalent
• Experience maintaining audit-ready RMF documentation
• Familiarity with DoD cybersecurity frameworks and compliance requirements

Key Skills / Search Keywords

ISSO * Information System Security Officer RMF * Risk Management Framework ATO * Authorization to Operate Security Control Validation * Continuous Monitoring Cybersecurity Compliance * Vulnerability Management SSP * System Security Plan CCRI * SAV Inspections DoD Cybersecurity * Classified Systems Security

• Medical, dental, and vision insurance
• 401(k) with company match
• Paid time off (vacation, sick leave, and federal holidays)
• Professional development and training support
• Life and disability insurance

Why OSAAVA

• Mission-driven SDVOSB culture focused on service and integrity
• Competitive compensation and benefits
• Opportunity to grow with a high-performing team supporting national security programs
• Work directly supporting critical defense and intelligence missions

OSAAVA Services is a mission-focused Service-Disabled Veteran-Owned Small Business (SDVOSB) specializing in cybersecurity and enterprise IT services.