Information Systems Security Officer

TEKSYSTEMS INC.
Ridgecrest, United States of America
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Ridgecrest, United States of America

Tech stack

Configuration Management
Computer Security
Information Systems
Databases
Linux
Identity and Access Management
Information Security Management
Networking Hardware
SARS Software Products
SC Clearance
Information Technology
Devsecops
Vulnerability Analysis

Job description

We are seeking an experienced Information System Security Officer (ISSO) to support mission-critical Navy programs at NAWS China Lake. The ISSO will be responsible for implementing, maintaining, and enforcing cybersecurity controls for one or more information systems operating within classified and unclassified environments. This role works closely with System Administrators, Information System Security Managers (ISSMs), engineers, and government stakeholders to ensure systems comply with DoD Risk Management Framework (RMF) and Navy cybersecurity requirements throughout the system lifecycle. This position is well suited for a detail-oriented cybersecurity professional who understands secure system operations in laboratory, development, test, and operational environments., Serve as the ISSO for assigned information systems, ensuring compliance with DoD and Navy cybersecurity policies. Implement, assess, and maintain security controls in accordance with DoDI 8510.01, NIST SP 800-53, and Navy-specific guidance. Support all phases of the RMF lifecycle: Categorize, Select, Implement, Assess, Authorize, and Monitor. Assist the ISSM in preparing and maintaining Authorization to Operate (ATO) and Authority to Connect (ATC) packages.

Security Documentation & Compliance

Develop, update, and maintain RMF documentation including:

System Security Plans (SSPs) Security Assessment Reports (SARs) Plans of Action and Milestones (POA&Ms) Continuous monitoring artifacts

Track and remediate vulnerabilities identified through ACAS scans, STIG findings, and audits. Ensure proper configuration management and documentation discipline for system changes.

Technical Security Implementation

Apply and validate Security Technical Implementation Guides (STIGs) for operating systems, applications, databases, and network devices. Coordinate with system administrators and engineers to ensure secure configurations are implemented without impacting mission effectiveness. Monitor system security posture and assist with incident response and reporting as required.

Continuous Monitoring & Sustainment

Perform ongoing security assessments, vulnerability analysis, and control effectiveness reviews. Support periodic reassessments, annual reviews, and change-driven security impacts. Assist with cybersecurity compliance during system upgrades, patches, and integration efforts.

Stakeholder Coordination

Interface with ISSMs, Authorizing Officials (AOs), System Owners, Network Teams, and Program Offices. Support inspections, assessments, and cybersecurity audits conducted by government authorities. Provide cybersecurity guidance to engineers and program staff to ensure security is integrated early and effectively.

Requirements

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience). 5+ years of experience in information assurance, cybersecurity, or system security roles within a DoD environment. Demonstrated experience as an ISSO supporting RMF-authorized systems. Strong understanding of:

DoD RMF NIST 800-series publications STIG implementation and compliance

Experience using tools such as eMASS, ACAS scanners, and configuration compliance tools. Active Secret clearance and U.S. citizenship., Experience supporting Navy or DoD RDT&E programs, labs, or test environments (China Lake experience a plus). Familiarity with classified systems and air-gapped networks. Experience supporting Linux and/or Windows-based systems from a security perspective. Knowledge of virtualization, containers, or DevSecOps environments in a secure context. IAM Level II or higher certification in accordance with DoD 8140/8570, such as:

Security+ CE CISSP CASP+ CISM

Strong written and verbal communication skills for technical documentation and customer interaction.

Core Competencies

Attention to detail and compliance discipline Risk identification and mitigation mindset Ability to work independently in secure environments Effective collaboration with technical and non-technical stakeholders Professional judgment in classified and regulated programs

Work Environment

On-site work at NAWS China Lake in a secure government facility May require occasional extended hours during assessments, audits, or system authorizations Ability to lift up to ~25 lbs of equipment as needed

Apply for this position