Information Systems Security Officer

DEMASE TECHNICAL SERVICES, LLC
Oak Ridge, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 175K

Job location

Oak Ridge, United States of America

Tech stack

Configuration Management
Computer Security
Information Systems
Information Security Management
Smartsuite
Security Content Automation Protocol
Virtualization Technology
Software Vulnerability Management
SARS Software Products
Information Technology
Tenable Nessus
Nessus
Nutanix
Vulnerability Analysis
VMware

Job description

The Information System Security Officer (ISSO) is responsible for ensuring the security, compliance, and authorization of classified and unclassified information systems in a DOE Q-cleared environment. The ISSO supports system accreditation, continuous monitoring, and enforcement of cybersecurity controls in accordance with NIST, DOE, and federal requirements., * Serve as the primary cybersecurity authority for assigned information systems

  • Implement, manage, and maintain RiskManagement Framework (RMF) processes from system categorization through ATO
  • Ensure systems comply with NIST SP 800-53, NIST SP 800-37, DOE Orders, and site-specific security policies
  • Develop, maintain, and update system security documentation including:
  • System Security Plans (SSPs)
  • Security Assessment Reports (SARs)
  • Plans of Action & Milestones (POA&Ms)
  • Manage vulnerability assessments, security control testing, and remediation activities
  • Utilize and maintain compliance artifacts within eMASS (or equivalent GRC tools)
  • Coordinate with system owners, administrators, auditors, and Authorizing Officials
  • Conduct continuous monitoring, audit preparation, and security reviews
  • Oversee incident response coordination and reporting for security events
  • Provide security guidance for system changes, upgrades, and new deployments
  • Support insider threat, configuration management, and change control processes
  • Participate in CCB, security working groups, and compliance briefings, DeMase Technical Services, LLC is committed to providing reasonable accommodation to applicants with disabilities where appropriate. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.

Requirements

Do you have experience in Vulnerability management?, This role requires an active DOE Q security clearance (or equivalent DoD TS)., * Active DOE Q Clearance

  • Five-plus (5+) years of cybersecurity experience supporting classified systems
  • Bachelor's degree in computer science, information systems, engineering, or related field (or equivalent experience)

Preferred Qualifications

  • Strong working knowledge of:
  • RMF and NIST 800-series publications
  • System accreditation and authorization processes
  • Security controls implementation and validation
  • Hands-on experience with eMASS
  • Ability to interpret security findings and drive remediation efforts
  • Strong documentation, communication, and stakeholder coordination skills
  • Knowledge of STIGs, SCAP, Nessus, or similar scanning tools
  • Experience supporting DOE/NNSA environments
  • Familiarity with virtualization platforms (Nutanix, VMware, etc.)
  • CISSP, CISM, CAP, or Security+ certification

Benefits & conditions

Pulled from the full job description

  • Referral program
  • 401(k)
  • Health insurance
  • Retirement plan
  • Paid time off
  • Vision insurance
  • Health savings account, At DeMase Technical Services, we recognize that high-performing technical professionals need more than just a paycheck-they need a total rewards package that supports performance, resilience, and long-term career sustainability. Our approach is designed with a focus on the full lifecycle of our workforce, from day-to-day well-being to long-term financial security.

We offer a competitive and thoughtfully structured benefits program that supports the demands of technical work, promotes personal and professional stability, and enables you and your family to thrive-both on and off the job. For full-time employees, our benefits include:

· Healthcare (Medica, dental, and vision insurance)

· Flexible schedule

· Health savings account

· Life insurance

· Paid time off

· Retirement plan

· 10 paid holidays

Compliance

DeMase Technical Services is an equal opportunity employer. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, and other factors protected under applicable law.

Affirmative Action employer compliant with OFCCP regulations.

EEOC/AA Employer - Individuals with disabilities and protected veterans welcomed.

E-Verify

DeMase participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program.

Applicants must be able to comply with DeMase Technical Services policies and procedures, including the Code of Ethics and Business Conduct and related workplace conduct and safety policies.

Pay transparency and nondiscrimination statement

DeMase Technical Services complies with all applicable federal, state, and local pay transparency laws. The compensation range provided in this job posting represents a good faith estimate of the base salary or hourly rate for this position at the time of posting. Actual compensation may vary based on factors such as experience, education, skills, geographic location, and internal equity.

In addition to base pay, eligible employees may receive a comprehensive benefits package, which may include health insurance, retirement plans, paid time off, and other company-sponsored programs (all benefits are subject to eligibility requirements).

As a federal contractor, DeMase Technical Services will not discharge or in any other manner discriminate against employees or applicants because they inquire about, discuss, or disclose their own pay or the pay of another employee or applicant; however, employees who have access to compensation information as part of their essential job functions may not disclose such information to individuals who do not otherwise have access, unless the disclosure is:

  • In response to a formal complaint or charge
  • In furtherance of an investigation, proceeding, hearing, or action
  • Consistent with the Company's legal duty to furnish information

Pay: $75,000.73 - $175,229.88 per year, * 401(k)

  • Dental insurance
  • Health insurance
  • Health savings account
  • Life insurance
  • Paid time off
  • Referral program
  • Retirement plan
  • Vision insurance

Security clearance:

  • Top Secret (Preferred)

About the company

DeMase Technical Services is a Women-Owned Small Business created by experts in the cybersecurity, energy, nuclear, and defense markets. We offer best-in-class solutions for nuclear facility licensing, permitting, startup, operations, cybersecurity, and next generation technologies. DeMase provides expert professionals in the fields of cybersecurity, next generation information technologies, nuclear engineering, nuclear technologies, and environmental management. Our cybersecurity team is an industry leader supporting the Cybersecurity Maturity Model Certification (CMMC) ecosystem. DeMase is an expert authorized CMMC C3PAO and full-service CMMC provider for readiness and certification.

Apply for this position