Job Requirements
Remote Alexandria, VA Wash, DC
Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Role & Responsibilities
CyKor is seeking an Information Systems Security Officer (ISSO) Subject Matter Expert (SME) to support federal environments as part of a matrixed engineering and cybersecurity delivery team.
This position supports the Lead Federal ISSO by providing engineering-focused Risk Management Framework (RMF) expertise, cybersecurity compliance support, and technical security integration across enterprise infrastructure, network modernization, cloud, and operational technology initiatives. The ISSO SME will work collaboratively with architects, engineers, program managers, system owners, and cybersecurity stakeholders to ensure systems maintain compliance with federal Risk Management Framework (RMF) requirements throughout the system lifecycle.
The ideal candidate possesses strong technical knowledge of enterprise systems and cybersecurity requirements, with the ability to translate engineering changes and operational impacts into actionable RMF and authorization activities.
Support the Lead Federal ISSO in execution of cybersecurity and RMF activities across client mission systems and enterprise engineering efforts
Serve as the engineering-focused cybersecurity SME supporting system modernization, infrastructure deployment, cloud integration, and operational sustainment initiatives
Apply knowledge of federal RMF requirements, including NIST 800-37, NIST 800-53, DHS 4300A/B, and federal cybersecurity policies
Collaborate within a matrixed project team consisting of network engineers, architects, cloud engineers, system administrators, program managers, and cybersecurity personnel
Analyze system architectures, components, interconnections, data flows, and operational changes to assess security impacts and authorization implications
Support development, review, and maintenance of RMF artifacts including System Security Plans (SSPs), boundary diagrams, hardware/software inventories, POA&Ms, contingency plans, and configuration management documentation
Assist with implementation and oversight of configuration management processes across authorization boundaries
Support continuous monitoring activities, vulnerability management, patch compliance, STIG implementation, and remediation tracking
Conduct periodic system reviews to ensure compliance with approved security controls and operational requirements
Coordinate with engineering teams to ensure cybersecurity controls are integrated into technical designs and deployment activities
Support ATO and Continuous ATO (cATO) activities including package preparation, artifact updates, security impact assessments, and audit support
Evaluate proposed engineering changes and provide cybersecurity recommendations regarding operational and authorization impacts
Support security assessment activities, audit readiness efforts, and customer cybersecurity reviews
Assist with cybersecurity documentation updates related to evolving infrastructure and engineering implementation
Please note: This opening is contingent upon contract award (expected award & start date is June/July 2026).
Requirements
Bachelor’s degree in Cybersecurity, Information Technology, Engineering, Computer Science, or related field (or equivalent experience
5+ years of experience supporting RMF, cybersecurity compliance, or ISSO activities within federal civilian environments
Experience supporting engineering or infrastructure-focused cybersecurity initiatives
Working knowledge of federal RMF processes and authorization requirements
Familiarity with NIST security controls, continuous monitoring, vulnerability management, and configuration management practices
Experience supporting ATO/cATO package development and maintenance
Understanding of enterprise networking, cloud environments, virtualization, and infrastructure technologies
Experience working in collaborative, cross-functional engineering environments
Strong written and verbal communication skills supporting technical and non-technical stakeholders
Active Secret clearance required
Preferred Certifications & Skills
CISSP, CAP, Security+, CISM, or equivalent certification
Experience supporting federal civilian agencies
Experience with eMASS, CSAM, or equivalent governance/compliance platforms
Familiarity with Zero Trust initiatives, cloud security frameworks, and enterprise network modernization program
Experience supporting operational technology, SD-WAN, or large-scale federal infrastructure deployments
CyKor is seeking an Information Systems Security Officer (ISSO) Subject Matter Expert (SME) to support federal environments as part of a matrixed engineering and cybersecurity delivery team.
This position supports the Lead Federal ISSO by providing engineering-focused Risk Management Framework (RMF) expertise, cybersecurity compliance support, and technical security integration across enterprise infrastructure, network modernization, cloud, and operational technology initiatives. The ISSO SME will work collaboratively with architects, engineers, program managers, system owners, and cybersecurity stakeholders to ensure systems maintain compliance with federal Risk Management Framework (RMF) requirements throughout the system lifecycle.
The ideal candidate possesses strong technical knowledge of enterprise systems and cybersecurity requirements, with the ability to translate engineering changes and operational impacts into actionable RMF and authorization activities.
Support the Lead Federal ISSO in execution of cybersecurity and RMF activities across client mission systems and enterprise engineering efforts
Serve as the engineering-focused cybersecurity SME supporting system modernization, infrastructure deployment, cloud integration, and operational sustainment initiatives
Apply knowledge of federal RMF requirements, including NIST 800-37, NIST 800-53, DHS 4300A/B, and federal cybersecurity policies
Collaborate within a matrixed project team consisting of network engineers, architects, cloud engineers, system administrators, program managers, and cybersecurity personnel
Analyze system architectures, components, interconnections, data flows, and operational changes to assess security impacts and authorization implications
Support development, review, and maintenance of RMF artifacts including System Security Plans (SSPs), boundary diagrams, hardware/software inventories, POA&Ms, contingency plans, and configuration management documentation
Assist with implementation and oversight of configuration management processes across authorization boundaries
Support continuous monitoring activities, vulnerability management, patch compliance, STIG implementation, and remediation tracking
Conduct periodic system reviews to ensure compliance with approved security controls and operational requirements
Coordinate with engineering teams to ensure cybersecurity controls are integrated into technical designs and deployment activities
Support ATO and Continuous ATO (cATO) activities including package preparation, artifact updates, security impact assessments, and audit support
Evaluate proposed engineering changes and provide cybersecurity recommendations regarding operational and authorization impacts
Support security assessment activities, audit readiness efforts, and customer cybersecurity reviews
Assist with cybersecurity documentation updates related to evolving infrastructure and engineering implementation
Please note: This opening is contingent upon contract award (expected award & start date is June/July 2026).
Requirements
Bachelor’s degree in Cybersecurity, Information Technology, Engineering, Computer Science, or related field (or equivalent experience
5+ years of experience supporting RMF, cybersecurity compliance, or ISSO activities within federal civilian environments
Experience supporting engineering or infrastructure-focused cybersecurity initiatives
Working knowledge of federal RMF processes and authorization requirements
Familiarity with NIST security controls, continuous monitoring, vulnerability management, and configuration management practices
Experience supporting ATO/cATO package development and maintenance
Understanding of enterprise networking, cloud environments, virtualization, and infrastructure technologies
Experience working in collaborative, cross-functional engineering environments
Strong written and verbal communication skills supporting technical and non-technical stakeholders
Active Secret clearance required
Preferred Certifications & Skills
CISSP, CAP, Security+, CISM, or equivalent certification
Experience supporting federal civilian agencies
Experience with eMASS, CSAM, or equivalent governance/compliance platforms
Familiarity with Zero Trust initiatives, cloud security frameworks, and enterprise network modernization program
Experience supporting operational technology, SD-WAN, or large-scale federal infrastructure deployments
group id: 91173057