Posted today
Top Secret/SCI
Unspecified
Polygraph
Chantilly, VA (On-Site/Office)
Description
SAIC is seeking an Information Systems Security Officer (ISSO) to provide critical cybersecurity governance, compliance, and security oversight support on SAIC's prime program, Landmark AOS, located in Chantilly, VA. Landmark AOS is a large SETA program supporting the NRO's Ground Enterprise Directorate (GED), responsible for the acquisition and sustainment of systems across the full end‑to‑end lifecycle.
As an ISSO, you will play a key role in ensuring customer systems maintain compliance with Federal, Agency, and IC security requirements. You will oversee the security posture of customer‑sponsored assets, guide programs through the Risk Management Framework (RMF), and provide continuous monitoring, authorization, and cybersecurity risk support across multiple mission partners.
Responsibilities Include:
- Provide cybersecurity oversight and governance for new and existing customer systems leveraging the enterprise Software Platform to meet mission needs across multiple customer sets.
- Ensure full adherence to ICD‑503, NIST RMF, and customer‑specific directives and policies throughout the lifecycle (RMF Steps 1-6) of customer‑sponsored information systems.
- Support cloud‑based and on‑premise systems in maintaining compliance with all Federal and Agency cybersecurity requirements.
- Monitor, detect, and report cybersecurity risks, vulnerabilities, and threats; coordinate mitigation activities with technical teams and stakeholders.
- Collaborate closely with technical teams, customer leadership, developers, and other security personnel to ensure secure system design, implementation, and operation.
- Analyze technical and non‑technical data/metadata to identify abnormal patterns, determine root causes, and support incident response or corrective actions.
- Provide formal risk recommendations and security impact assessments as part of the Authority to Operate (ATO) process.
- Manage and track Plans of Action and Milestones (POA&Ms), coordinating with ISSOs, ISSEs, ISSMs, SCAs, and system owners to ensure timely remediation.
- Review and validate new asset requests, ensuring proper sponsorship, system owner identification, and alignment with customer governance processes.
- Facilitate System Review Team activities to confirm correct regulatory assignments, data types, C‑I‑A impact levels, and overlay selections for customer‑sponsored assets.
- Assign and validate security controls; document control implementations and identify control gaps or required liens during accreditor reviews.
- Ensure systems maintain compliance with customer‑defined Continuous Monitoring requirements (RMF Step 6), including reporting, scanning, and documentation updates.
- Provide ongoing, ad‑hoc authorization and security compliance support to both customer and program teams.
Qualifications
Required Education and Experience:
- Bachelor's and nine (9) years or more experience; Master's and seven (7) years or more experience; PhD or JD and four (4) years or more experience. (Education can be substituted for experience in lieu of degree.)
- Active Top Secret/SCI with Polygraph.
- DoD 8570 IAT Level II or higher (Security+ CE, CASP+ CE, CISSP, etc.).
- 7+ years of Information Security experience, preferably as an ISSO, ISSE, or DAOR.
- Demonstrated experience implementing the RMF process, applying NIST 800‑53 controls, and developing/maintaining certification and accreditation documentation.
- Experience with ICD‑503 RMF implementation within the Intelligence Community.
- Prior experience supporting cybersecurity operations or compliance within the IC.
- Strong ability to interpret technical documentation and assess alignment with policy, process, and security requirements.
- Excellent written and verbal communication skills, with the ability to translate technical findings into clear, actionable guidance for customers and stakeholders.