Information System Security Officer

Overview

Please note that this position is contingent upon the successful award of a contract currently under bid.

A leader in cutting-edge research and technology in the cyber arena, CPMG focuses on using business drivers to guide cybersecurity activities and manage risk. CPMG offers flexible, integrative solutions for Department of Defense (DoD) contractors, among others, and specializes in cybersecurity, information and operational technology, electronic security surveillance, and support services.

Summary:

The Information Systems Security Officer (ISSO) is responsible for implementing, monitoring, and maintaining information system security controls to ensure compliance with organizational and regulatory requirements. The ISSO supports risk management activities, conducts security assessments, and coordinates with stakeholders to safeguard system integrity, confidentiality, and availability.

Responsibilities

Essential Job Functions:

• Provide cybersecurity support to the Data Systems and Security Support contract at Tinker AFB, ensuring compliance with DoDI 8510.01 Risk Management Framework (RMF) requirements and applicable Air Force cybersecurity policies
• Provide analyses and decision-support information to enable Authorization to Operate (ATO) determinations for classified and unclassified Air Force mission systems supporting the platform
• Develop, update, and maintain RMF documentation and artifacts including but not limited to:
  • System Security Plan (SSP)
  • Security Assessment Report (SAR)
  • Information System Contingency Plan (ISCP)
  • Incident Response Plan (IRP)
  • Configuration Management Plan (CMP)
  • Interconnection Security Agreements (ISA)
  • Memorandum of Understanding/Agreement (MOU/A)
  • Plan of Action and Milestones (POA&M)
• Manage and track all POA&Ms from identification through remediation and closure in coordination with system stakeholders, ISSMs, and Authorizing Officials.
• Conduct continuous monitoring activities in accordance with DoD and Air Force guidance, including:
  • Review and analysis of ACAS vulnerability scan results
  • Application and validation of DISA STIG compliance
  • Audit log review and reporting
  • Assessment of security control implementation
• Support Configuration Control Boards (CCBs) to evaluate cybersecurity impacts of hardware, software, and firmware changes to mission systems
• Perform security impact analyses for system modifications and lifecycle updates.
• Support cybersecurity inspection readiness efforts including Cybersecurity Compliance Review (CCRI) preparation and remediation activities
• Coordinate with Air Force Life Cycle Management Center (AFLCMC), System Program Office (SPO), ISSMs, and mission stakeholders to ensure cybersecurity requirements are integrated throughout all phases of the system lifecycle
• Report security incidents, anomalies, and compliance issues to the ISSM and Authorizing Official (AO) and support corrective action efforts
• Ensure classified systems operate, maintain, and dispose of information in accordance with DoD and Air Force security policies

Qualifications

Necessary Skills and Knowledge:

• Demonstrated expertise in DoD Risk Management Framework (RMF) processes in accordance with DoDI 8510.01
• Experience developing and managing RMF packages within eMASS
• Strong knowledge of:
  • DoDI 8500.01 / 8510.01
  • NIST SP 800-53 security controls
  • DISA Security Technical Implementation Guides (STIGs)
  • ACAS vulnerability scanning tools
  • Continuous Monitoring (ISCM) processes
  • Configuration Management practices within classified environments
• Experience supporting classified mission systems or weapon system environments
• Ability to interpret and implement Air Force cybersecurity policies and directives
• Strong analytical, documentation, and communication skills
• Ability to work independently in a secure, mission-critical environment

Minimum Qualifications:

• Bachelor's degree from an accredited institution in Cybersecurity, Information Systems, Computer Science, or related field
• Minimum seven (7) years of experience in Information System Security within a DoD environment
• Minimum two (2) years of leadership or senior-level ISSO experience supporting RMF activities
• Experience performing responsibilities across all six (6) steps of the RMF process
• Experience developing and managing ATO packages and supporting Authorizing Official (AO) decisions
• Active DoD 8570/8140 IAT Level II certification (e.g., Security+) or higher
• Active Top Secret (TS) clearance required at time of hire
• Must be a U.S. Citizen
• Ability to obtain and maintain access to classified facilities at Tinker AFB

Preferred Qualifications:

• DoD 8570/8140 IAM Level III certification (e.g., CISSP, CISM)
• Experience supporting Air Force weapon systems or Platform IT (PIT) environments
• Experience supporting SAP or SCI environments

Pay and Benefits
At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.