Information System Security Officer (ISSO) (L3)

We are seeking a highly skilled and proactive Information System Security Officer (ISSO) to oversee and implement comprehensive cybersecurity measures within our organization. The ISSO will be responsible for developing, maintaining, and enforcing security policies aligned with industry standards such as NIST, ISO 27000 series, and FISMA. This role requires a thorough understanding of system security plans, network infrastructure, and incident response protocols to safeguard our information technology environment. The ideal candidate will possess strong expertise in computer networking, system hardening, vulnerability management, and security compliance frameworks to ensure the integrity, confidentiality, and availability of organizational data., * Develop, review, and update system security plans in accordance with NIST standards and organizational policies.

• Conduct regular security assessments, vulnerability scans, and penetration testing to identify potential risks.
• Manage network security devices including Cisco ASA firewalls, Cisco ISE for identity management, IDS/IPS systems, and SIEM solutions such as Splunk or SolarWinds.
• Implement and maintain encryption protocols, PKI infrastructure, VPN configurations, and secure network architectures including LAN/WAN segmentation.
• Oversee incident response activities by analyzing threats using threat intelligence tools and coordinating recovery efforts for cybersecurity incidents.
• Ensure compliance with regulatory standards such as FISMA, PCI DSS, FedRAMP, and ISO 27002 by conducting audits and preparing documentation.
• Collaborate with IT teams on system hardening initiatives across operating systems like Windows, Linux (including openSUSE), macOS, and cloud platforms such as AWS or Google Cloud Platform.
• Support network management tasks including routing protocols (OSPF/EIGRP), load balancing solutions like vSphere or VMware environments, and disaster recovery planning.
• Lead vulnerability management efforts through vulnerability assessments using tools like Nessus or Qualys; prioritize remediation activities.
• Maintain knowledge of emerging threats through threat detection & response strategies; utilize SIEM tools for continuous monitoring.
• Facilitate secure system administration practices including user access control via RBAC/LDAP/SSO solutions.
• Promote cybersecurity awareness across the organization by developing training materials aligned with ISO 27001 standards.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity or a related field; relevant certifications such as CISSP, CISA or Security+ are preferred.
• Extensive experience in information security roles with a focus on system security plans and network security management.
• Strong understanding of computer networking concepts including TCP/IP, DNS, DHCP, IPsec VPNs, Ethernet switching, and routing protocols (BGP/EIGRP).
• Proficiency with firewall management (Cisco ASA), intrusion detection/prevention systems (IDS/IPS), SIEM platforms (Splunk), and network monitoring tools (SolarWinds).
• Hands-on experience implementing security frameworks based on NIST standards (SP 800 series), ISO 27000 family (ISO 27001/27002), and FISMA compliance requirements.
• Knowledge of cloud computing architectures such as AWS or Azure along with virtualization technologies like VMware vSphere.
• Familiarity with scripting languages (Python/Bash) for automation; experience with DevOps practices is advantageous.
• Ability to perform risk assessments, vulnerability research & analysis; excellent problem-solving skills in incident management scenarios.
• Strong communication skills to articulate complex security concepts clearly to technical teams and executive leadership. This position offers an opportunity to contribute significantly to the protection of critical information assets within a dynamic environment. We welcome candidates committed to advancing cybersecurity practices through innovative solutions and rigorous compliance adherence.

• 401(k)
• Dental insurance
• Health insurance
• Life insurance