Job Requirements
Cambridge, MA
Top Secret/SCI Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Information System Security Officer (ISSO) 2026-082
Location: Cambridge, MA (Volpe Center) / remote
Customer: U.S. Department of Transportation (DOT) – John A. Volpe National Transportation Systems Center
Clearance Requirements: Active Top Secret/SCI Eligible
Position Overview
Nationwide IT Services is seeking an experienced Information System Security Officer (ISSO) to support the U.S. Department of Transportation (DOT), John A. Volpe National Transportation Systems Center (Volpe Center). The ISSO will be responsible for maintaining the operational security posture of assigned information systems, supporting Risk Management Framework (RMF) activities, ensuring compliance with federal cybersecurity requirements, and coordinating with program managers, system owners, and cybersecurity stakeholders throughout the system lifecycle.
The successful candidate will serve as the primary security representative for assigned systems and will ensure that security controls, continuous monitoring activities, documentation, and authorization artifacts remain current and compliant with federal and DOT cybersecurity requirements.
Key Responsibilities
• Maintain the appropriate operational security posture for assigned information systems and programs.
• Develop, update, and maintain system security documentation, including System Security Plans (SSPs), security authorization packages, and associated artifacts.
• Ensure systems are operated, maintained, and disposed of in accordance with approved security authorization documentation.
• Manage day-to-day security operations for assigned systems.
• Monitor information systems and environments of operation, assessing the impact of system changes and modifications.
• Coordinate and document security-related system changes, including patches, upgrades, and configuration updates.
• Maintain comprehensive records of system and network changes.
• Manage user accounts and access controls in accordance with organizational policies and cybersecurity guidance.
• Perform Security Impact Analyses (SIAs) and support change management activities.
• Support RMF continuous monitoring activities and validate control assessment results.
• Track and remediate security findings, vulnerabilities, and Plan of Action & Milestones (POA&M) items.
• Ensure security deficiencies identified during assessments are mitigated, corrected, or formally accepted through the appropriate risk acceptance process.
• Coordinate with Information System Security Managers (ISSMs), System Owners, Program Managers, Security Control Assessors (SCAs), and Authorizing Officials (AOs).
• Support authorization activities, including ATO packages, annual reviews, and continuous authorization efforts.
• Participate in post-production reviews and document baseline deviations as required.
• Maintain ISSO appointment documentation and ensure compliance with governance requirements.
Required Qualifications
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or related field.
• 5+ years of information security experience supporting federal information systems.
• Experience serving as an ISSO, Information Assurance Analyst, Cybersecurity Analyst, or similar security role.
• Strong understanding of the NIST Risk Management Framework (RMF).
• Experience with NIST SP 800-53 security controls and federal cybersecurity compliance requirements.
• Experience supporting Authority to Operate (ATO) processes and continuous monitoring programs.
• Knowledge of vulnerability management, configuration management, and change control processes.
• Experience working with system owners, program managers, and technical teams in a federal environment.
• Excellent written and verbal communication skills.
Preferred Qualifications
• Experience supporting U.S. Department of Transportation (DOT) programs.
• Experience with Xacta or similar Governance, Risk, and Compliance (GRC) tools.
• Knowledge of FISMA, FedRAMP, and DHS cybersecurity guidance.
• Security+ CE, CISSP, CAP, CISM, or equivalent cybersecurity certification.
• Experience supporting cloud-based environments (AWS, Azure, or GovCloud).
About the Customer
The John A. Volpe National Transportation Systems Center (Volpe Center) is the U.S. Department of Transportation's premier federal research and transportation systems center, providing advanced technical expertise, cybersecurity, engineering, and program support across multiple transportation domains.
Location: Cambridge, MA (Volpe Center) / remote
Customer: U.S. Department of Transportation (DOT) – John A. Volpe National Transportation Systems Center
Clearance Requirements: Active Top Secret/SCI Eligible
Position Overview
Nationwide IT Services is seeking an experienced Information System Security Officer (ISSO) to support the U.S. Department of Transportation (DOT), John A. Volpe National Transportation Systems Center (Volpe Center). The ISSO will be responsible for maintaining the operational security posture of assigned information systems, supporting Risk Management Framework (RMF) activities, ensuring compliance with federal cybersecurity requirements, and coordinating with program managers, system owners, and cybersecurity stakeholders throughout the system lifecycle.
The successful candidate will serve as the primary security representative for assigned systems and will ensure that security controls, continuous monitoring activities, documentation, and authorization artifacts remain current and compliant with federal and DOT cybersecurity requirements.
Key Responsibilities
• Maintain the appropriate operational security posture for assigned information systems and programs.
• Develop, update, and maintain system security documentation, including System Security Plans (SSPs), security authorization packages, and associated artifacts.
• Ensure systems are operated, maintained, and disposed of in accordance with approved security authorization documentation.
• Manage day-to-day security operations for assigned systems.
• Monitor information systems and environments of operation, assessing the impact of system changes and modifications.
• Coordinate and document security-related system changes, including patches, upgrades, and configuration updates.
• Maintain comprehensive records of system and network changes.
• Manage user accounts and access controls in accordance with organizational policies and cybersecurity guidance.
• Perform Security Impact Analyses (SIAs) and support change management activities.
• Support RMF continuous monitoring activities and validate control assessment results.
• Track and remediate security findings, vulnerabilities, and Plan of Action & Milestones (POA&M) items.
• Ensure security deficiencies identified during assessments are mitigated, corrected, or formally accepted through the appropriate risk acceptance process.
• Coordinate with Information System Security Managers (ISSMs), System Owners, Program Managers, Security Control Assessors (SCAs), and Authorizing Officials (AOs).
• Support authorization activities, including ATO packages, annual reviews, and continuous authorization efforts.
• Participate in post-production reviews and document baseline deviations as required.
• Maintain ISSO appointment documentation and ensure compliance with governance requirements.
Required Qualifications
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or related field.
• 5+ years of information security experience supporting federal information systems.
• Experience serving as an ISSO, Information Assurance Analyst, Cybersecurity Analyst, or similar security role.
• Strong understanding of the NIST Risk Management Framework (RMF).
• Experience with NIST SP 800-53 security controls and federal cybersecurity compliance requirements.
• Experience supporting Authority to Operate (ATO) processes and continuous monitoring programs.
• Knowledge of vulnerability management, configuration management, and change control processes.
• Experience working with system owners, program managers, and technical teams in a federal environment.
• Excellent written and verbal communication skills.
Preferred Qualifications
• Experience supporting U.S. Department of Transportation (DOT) programs.
• Experience with Xacta or similar Governance, Risk, and Compliance (GRC) tools.
• Knowledge of FISMA, FedRAMP, and DHS cybersecurity guidance.
• Security+ CE, CISSP, CAP, CISM, or equivalent cybersecurity certification.
• Experience supporting cloud-based environments (AWS, Azure, or GovCloud).
About the Customer
The John A. Volpe National Transportation Systems Center (Volpe Center) is the U.S. Department of Transportation's premier federal research and transportation systems center, providing advanced technical expertise, cybersecurity, engineering, and program support across multiple transportation domains.
group id: 10241331
