Information System Security Officer (ISSO)

Win Win Operations is seeking a highly skilled Information System Security Officer (ISSO) to support a federal contract with the National Oceanic and Atmospheric Administration (NOAA) and National Weather Service (NWS). This role focuses on ensuring compliance with federal cybersecurity standards, supporting system security authorization processes, and providing expert guidance on IT security policies, risk management, and continuous monitoring efforts for mission-critical systems. Candidate will provide cybersecurity support for high impact systems supporting national tsunami warning infrastructure and real-time environmental monitoring.

MAIN OBJECTIVES

• Develop, implement, and maintain IT security policies, procedures, and documentation
• Perform compliance reviews of system security plans, contingency plans, and related documentation
• Support the system security authorization process, including development and review of authorization packages
• Track and manage Plans of Action and Milestones (POA&Ms) and ensure timely remediation
• Provide IT security training and guidance to personnel on compliance and best practices
• Assist with implementation of the Risk Management Framework (RMF) in alignment with NIST standards
• Provide technical advisory support on IT security tools, solutions, and implementation strategies
• Support reporting requirements, including monthly status reports and metrics tracking
• Coordinate with stakeholders and assist with responses to audits, data calls, and compliance inquiries
• Provide expert guidance on IT security solution design, implementation strategies, and risk-based decision making

SCHEDULE OF WORK Monday through Friday, generally between 8:00 AM - 4:30 PM Hawaii Standard Time (HST). Core hours are 9:00 AM - 3:30 PM HST. Some flexibility may be permitted with approval.

PLACE OF PERFORMANCE Primary location: Honolulu, HI (NOAA/NWS facility) Telework may be authorized on an ad-hoc basis with approval.

• U.S. Citizenship required
• Ability to pass a high-risk federal background investigation
• Bachelor's degree in Information Technology, Cybersecurity, or related field (or equivalent experience)
• Demonstrated experience supporting Federal IT security programs and FISMA compliance
• Strong knowledge and hands-on experience with NIST frameworks (SP 800-53, 800-37, RMF)
• Experience developing and reviewing system security authorization packages (ATO, SSPs, POA&Ms)
• Experience creating IT security policies, procedures, and technical documentation/white papers
• Experience supporting solution implementation and migration planning for IT security requirements
• Proficiency with enterprise IT environments (e.g., Microsoft Windows, Red Hat Linux, cloud systems)
• Experience with cybersecurity tools and vulnerability management platforms (e.g., asset management, scanning tools)
• Knowledge of encryption methods, data protection practices, and secure system design principles
• Experience with contingency planning, backup and recovery, and business continuity aligned with NIST guidance
• Ability to manage multiple priorities, meet deadlines, and adapt in a fast-paced federal environment
• Strong written and verbal communication skills, including ability to interface with technical and non-technical stakeholders
• At least one of the following certifications (or in progress): Security+, CISSP, CISA, CAP, or equivalent
• Experience advising on IT security solution options, including development of technical documentation or white papers
• Experience leading or supporting implementation and migration plans for IT security solutions
• Experience developing IT security policies and procedures in a federal environment, * Are you a U.S. Citizen and able to pass a high-risk federal background investigation?
• What relevant certifications do you currently hold (e.g., Security+, CISSP, CISA, CAP)? If in progress, please specify status.
• Describe your experience supporting federal IT security programs and FISMA compliance.
• What is your experience working with NIST frameworks such as NIST SP 800-53 and RMF?
• Have you performed system security authorization activities (e.g., ATO packages, SSPs)? Briefly describe your role.
• What experience do you have managing Plans of Action and Milestones (POA&Ms) and conducting compliance reviews?
• Are you available to work during Hawaii Standard Time business hours and support on-site work in Honolulu, HI if required?

(Submit documents on Indeed or send directly to info@winwinoperations.com Subject: Information System Security Officer (ISSO))

• Resume
• Proof of certifications (or progress toward certification)
• 2-3 professional references
• Proof of U.S. Citizenship (to be verified during hiring process), Compensation is based on your qualifications and experience. Please include your compensation expectations in your application.