Posted today
Top Secret/SCI
Mid Level Career (5+ yrs experience)
$100,000 - $120,000
No Traveling
IT - Security
Montgomery, AL (On-Site/Office)
ISSO
Clearance: TS/SCI
Location: Onsite, Maxwell-Gunter, AL
Shift: 7AM-3PM
Salary: 100-120K
Overview
SSi is seeking an Information Systems Security Officer (ISSO) to provide cybersecurity and information assurance support for the Air Force Intranet Control (AFINC) III Support program at Maxwell AFB/Gunter Annex. This is a full-time position supporting classified Air Force systems and environments.
Responsibilities:
• Perform security analysis of operational and development environments, including threats, vulnerabilities, and system interfaces, to assess compliance with DoD and industry standards.
• Implement and manage Assessment and Authorization (A&A) activities under the Risk Management Framework (RMF) for new and existing information systems.
• Maintain current Authorizations to Operate (ATO) and Approvals to Connect (ATC), including tracking and executing corrective actions identified in Plans of Action and Milestones (POA&M).
• Develop and manage Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), and Risk Acceptance Letters.
• Develop and execute an Information System Continuous Monitoring (ISCM) strategy, monitoring system and environmental changes to ensure ongoing compliance.
• Audit systems and conduct assessments to validate security posture and compliance with cybersecurity requirements.
• Analyze assessment and test data to document system compliance and security readiness.
• Conduct risk assessments and investigations, recommend mitigation strategies, and coordinate incident response activities.
• Perform periodic hardware and software inventory assessments.
• Oversee the development and implementation of information security controls to meet program and enterprise cybersecurity policies, standards, and procedures.
• Manage and lead assigned personnel to support effective execution of RMF activities.
• Coordinate and participate in internal and external security assessments and audits.
• Prepare, review, and present technical reports, documentation, and briefings to stakeholders.
• Register, manage, review, and decommission system Ports, Protocols, and Services (PPS) in compliance with the DoD PPS Category Assurance List (CAL) and PPS Vulnerability Assessment requirements.
Qualifications:
• Minimum of 5 years of experience in cybersecurity or information assurance, including at least 3 years supporting RMF.
• High School diploma or GED required.
• Must hold CISM or CISSP certification, or equivalent certification compliant with DoD 8140/8570 IAM Level II.
• Governance, Risk and Compliance (CGRC) certification or CCNA required.
• Completion of DISA ACAS Supervisor and Operator training and DISA Enterprise Mission Assurance Support Service (eMASS) training required.
• Familiarity with DoD cybersecurity policies and RMF implementation, including NIST SP 800 series and CNSSI 1253.
• Experience serving as an ISSO or ISSM supporting classified systems and programs.
• Hands-on experience assessing and documenting cybersecurity compliance through test and analysis data.
• Proficiency with RMF-related tools and systems, including ACAS/Nessus, DISA STIGs, eMASS, ESS, audit tools, and PPS management.
• Strong written and verbal communication skills with the ability to engage stakeholders at all organizational levels.
• U.S. citizenship required.
• Active Top Secret clearance with SCI eligibility (TS/SCI) required.