Posted today
Secret
Unspecified
Unspecified
IT - Security
Washington, DC (On-Site/Office)
DDC Innovation & Growth is seeking a part-time Information System Security Officer (ISSO) to support the United States Court of Appeals for the Armed Forces (USCAAF) in Washington, DC. This position requires on-site support and provides comprehensive cybersecurity oversight aligned with Department of Defense (DoD) and Federal regulations. The ISSO is responsible for ensuring the confidentiality, integrity, and availability of information systems throughout their lifecycle.
Responsibilities
Qualifications
Preferred:
About Us
Diné Development Corporation (DDC) is a Navajo Nation owned family of companies that provides government agencies and commercial organizations with high-quality IT, professional, environmental, and research and development services. DDC is dedicated to empowering the Navajo Nation and communities we serve.
Benefits
Eligible full-time employees receive a comprehensive benefits package, including medical, dental, vision, life and disability coverage, retirement savings with company match, paid time off, voluntary supplemental benefits, and access to an employee assistance program. The package also includes educational assistance, with tuition reimbursement.
EEO Statement
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a), and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, or for inquiring about, discussing, or disclosing information about compensation, or any other basis prohibited by law. We participate in E-Verify.
Responsibilities
- Manage the full RMF lifecycle per DoDI 8510.01, including use of Enterprise Mission Assurance Support Service (eMASS) for all A&A documentation.
- Prepare, submit, and maintain complete system authorization packages to achieve and maintain Approval to Operate (ATO) status.
- Develop and enforce a technology review process for all new software, hardware, and cloud services.
- Validate compliance with the DoD Approved Products List (APL) and assess cybersecurity risks prior to implementation.
- Maintain and document authorized hardware/software baselines.
- Participate in the Configuration Control Board (CCB) and ensure all changes are vetted, tested, and approved.
- Implement and maintain configurations per DISA STIGs and Security Requirements Guides (SRGs).
- Conduct vulnerability scanning and compliance monitoring using tools such as ACAS.
- Perform remediation activities including patching, scripting, and configuration updates within established timelines.
- Manage and track Plans of Action and Milestones (POA&Ms).
- Develop formal risk acceptance packages including justifications and compensating controls.
- Maintain communication with government leadership regarding cybersecurity risk and compliance metrics.
- Maintain and review system audit logs per DoD requirements.
- Support cybersecurity incident response activities and coordinate with DoD Cyber Incident Response teams as required.
- Develop, maintain, and test the System Contingency Plan (NIST SP 800-34), including documentation of lessons learned.
- Performs other related duties as assigned.
Qualifications
- Active DoD Secret clearance.
- DoD 8570/8140 IAM Level II or III certification (e.g., CAP, CASP+, CISSP, CISM).
- Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field, or equivalent experience.
- 5+ years of cybersecurity or ISSO experience supporting DoD or Federal programs.
- Experience managing RMF processes and using eMASS for A&A documentation.
- Familiarity with DISA STIGs, NIST SP 800-series, DoDI 8510.01, and ACAS tools.
- Strong understanding of configuration management, vulnerability management, and incident response procedures.
Preferred:
- Experience supporting judicial or defense organizations.
- Strong written communication skills with the ability to prepare formal cybersecurity documentation.
About Us
Diné Development Corporation (DDC) is a Navajo Nation owned family of companies that provides government agencies and commercial organizations with high-quality IT, professional, environmental, and research and development services. DDC is dedicated to empowering the Navajo Nation and communities we serve.
Benefits
Eligible full-time employees receive a comprehensive benefits package, including medical, dental, vision, life and disability coverage, retirement savings with company match, paid time off, voluntary supplemental benefits, and access to an employee assistance program. The package also includes educational assistance, with tuition reimbursement.
EEO Statement
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a), and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, or for inquiring about, discussing, or disclosing information about compensation, or any other basis prohibited by law. We participate in E-Verify.
group id: 90860202
N
We are DDC!
