Job Requirements
Remote Alexandria, VA
Top Secret/SCI Polygraph not specified
Mid Level Career (5+ yrs experience)
$140,000 - $180,000
Job Description
ISM Security Specialist (ATO / IATT Focus)
Location: Alexandria, VA (hybrid, on-site 2-3 days per week) · Clearance: Active TS/SCI required
Overview
We are seeking a hands-on Information System Security Manager (ISM/ISSO) with deep experience guiding systems through the IATT and ATO lifecycle. This is a documentation-heavy, stakeholder-facing authorization role supporting federal and Department of Defense missions. The right candidate has lived inside the RMF process from initiation through authorization, knows the artifacts cold, and can keep a system audit-ready long after the ATO is granted. If you are fluent in eMASS or XACTA and you enjoy turning control requirements into a clean, defensible authorization package, this seat is built for you.
What You'll Do
Lead and support ATO and IATT processes from initiation through authorization.
Develop and maintain RMF documentation, including the SSP, POA&M, SAR, and supporting body-of-evidence artifacts.
Partner with system owners, engineers, and assessors to ensure compliance with federal security frameworks (NIST 800-53, FedRAMP, DoD RMF).
Work day to day in eMASS, XACTA, or comparable assessment and authorization tooling.
Drive continuous monitoring and sustain audit readiness across the authorization boundary.
Communicate clearly across cross-functional teams, translating control requirements into actionable work.
Required Qualifications
Active TS/SCI clearance.
5+ years of hands-on experience supporting ATO, IATT, and RMF in federal or DoD environments.
Demonstrated experience authoring and maintaining RMF documentation (SSP, POA&M, SAR, and related artifacts).
Working knowledge of NIST 800-53, FedRAMP, and DoD RMF.
Hands-on experience with eMASS, XACTA, or a comparable A&A platform.
Ability to work a hybrid schedule with in-person presence in Alexandria, VA approximately 2-3 days per week.
Strong written and verbal communication, with the ability to work effectively in cross-functional teams.
Preferred Qualifications
DoD 8570/8140 certification (Security+, CISSP, CISM, or CASP+/SecurityX).
Experience with continuous monitoring (ConMon) and recurring audit cycles.
Familiarity with DISA STIGs, ACAS/Nessus, or SCAP.
Exposure to cloud authorization boundaries across IL4 through IL6.
Work Model and Location
This is a hybrid role. The selected candidate must be able to work on-site in Alexandria, VA (DMV area) roughly 2-3 days per week, with the balance performed remotely. Candidates should be local to the DMV area or able to reliably commute to it.