Posted today
Secret
Mid Level Career (5+ yrs experience)
$100,000 - $140,000
IT - Security
China Lake Nwc, CA (On-Site/Office)
Position Overview
We are seeking an experienced Information System Security Officer (ISSO) to support mission-critical Navy programs at NAWS China Lake. The ISSO will be responsible for implementing, maintaining, and enforcing cybersecurity controls for one or more information systems operating within classified and unclassified environments. This role works closely with System Administrators, Information System Security Managers (ISSMs), engineers, and government stakeholders to ensure systems comply with DoD Risk Management Framework (RMF) and Navy cybersecurity requirements throughout the system lifecycle.
This position is well suited for a detail-oriented cybersecurity professional who understands secure system operations in laboratory, development, test, and operational environments.
Key Responsibilities
RMF & System Security Operations
Serve as the ISSO for assigned information systems, ensuring compliance with DoD and Navy cybersecurity policies.
Implement, assess, and maintain security controls in accordance with DoDI 8510.01, NIST SP 800-53, and Navy-specific guidance.
Support all phases of the RMF lifecycle: Categorize, Select, Implement, Assess, Authorize, and Monitor.
Assist the ISSM in preparing and maintaining Authorization to Operate (ATO) and Authority to Connect (ATC) packages.
Security Documentation & Compliance
Develop, update, and maintain RMF documentation including:
System Security Plans (SSPs)
Security Assessment Reports (SARs)
Plans of Action and Milestones (POA&Ms)
Continuous monitoring artifacts
Track and remediate vulnerabilities identified through ACAS scans, STIG findings, and audits.
Ensure proper configuration management and documentation discipline for system changes.
Technical Security Implementation
Apply and validate Security Technical Implementation Guides (STIGs) for operating systems, applications, databases, and network devices.
Coordinate with system administrators and engineers to ensure secure configurations are implemented without impacting mission effectiveness.
Monitor system security posture and assist with incident response and reporting as required.
Continuous Monitoring & Sustainment
Perform ongoing security assessments, vulnerability analysis, and control effectiveness reviews.
Support periodic reassessments, annual reviews, and change-driven security impacts.
Assist with cybersecurity compliance during system upgrades, patches, and integration efforts.
Stakeholder Coordination
Interface with ISSMs, Authorizing Officials (AOs), System Owners, Network Teams, and Program Offices.
Support inspections, assessments, and cybersecurity audits conducted by government authorities.
Provide cybersecurity guidance to engineers and program staff to ensure security is integrated early and effectively.
Required Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
5+ years of experience in information assurance, cybersecurity, or system security roles within a DoD environment.
Demonstrated experience as an ISSO supporting RMF-authorized systems.
Strong understanding of:
DoD RMF
NIST 800-series publications
STIG implementation and compliance
Experience using tools such as eMASS, ACAS scanners, and configuration compliance tools.
Active Secret clearance and U.S. citizenship.
Preferred Qualifications
Experience supporting Navy or DoD RDT&E programs, labs, or test environments (China Lake experience a plus).
Familiarity with classified systems and air-gapped networks.
Experience supporting Linux and/or Windows-based systems from a security perspective.
Knowledge of virtualization, containers, or DevSecOps environments in a secure context.
IAM Level II or higher certification in accordance with DoD 8140/8570, such as:
Security+ CE
CISSP
CASP+
CISM
Strong written and verbal communication skills for technical documentation and customer interaction.
Core Competencies
Attention to detail and compliance discipline
Risk identification and mitigation mindset
Ability to work independently in secure environments
Effective collaboration with technical and non-technical stakeholders
Professional judgment in classified and regulated programs
Work Environment
On-site work at NAWS China Lake in a secure government facility
May require occasional extended hours during assessments, audits, or system authorizations
Ability to lift up to ~25 lbs of equipment as needed