ISSO

Graham Technologies is seeking a Security Consultant (ISSO) to support AWS Professional Services engagements within classified cloud environments. The successful candidate will support Risk Management Framework (RMF) activities, security authorization packages, continuous monitoring, vulnerability management, and security compliance efforts across multi-domain AWS environments supporting DoD missions.


Location: Herndon, VA, Arlington, VA, and Jessup, MD


Key Responsibilities

• Create, maintain, and update security authorization packages, including:
  
  
  
  • System Security Plans (SSPs)
  
  
  • Initial Authorization to Test (IATT) packages
  
  
  • Authority to Operate (ATO) packages
  
  
  • Control Family Plans (AC, IA, SC, SI, and others)
  
  
  • Plan of Action & Milestones (POA&M)
  
  
  • RMF Control Implementation Statements
  
  
  • Continuous Monitoring documentation
  
  
  
  

• Monitor, identify, track, and report security vulnerabilities across AWS cloud environments and third-party security platforms


• Assess and validate compliance with NIST SP 800-53 security controls




• Support continuous monitoring activities across DoD Impact Level (IL2, IL4), Secret, and Top Secret environments


• Assist with deployment, configuration, and maintenance of security tools including:
  
  
  
  • AWS GuardDuty
  
  
  • AWS Security Hub
  
  
  • AWS Config
  
  
  • AWS Identity and Access Management (IAM)
  
  
  • AWS Organizations Service Control Policies (SCPs)
  
  
  • Palo Alto security solutions
  
  
  • DoD ACAS
  
  
  • Elastic
  
  
  
  

• Evaluate AWS Landing Zone Accelerator (LZA) security posture and provide recommendations for remediation and improvement


• Collaborate with engineering, operations, and compliance teams to implement and maintain security controls


• Support audits, assessments, security reviews, and accreditation activities


• Provide technical guidance on cloud security best practices and RMF implementation

Required Skills:


Experience:

• Minimum 2 years of ISSO experience supporting RMF and NIST SP 800-53 compliance activities


• Minimum 1 year of Information Systems Security Engineer (ISSE) experience supporting cloud security initiatives


• Experience developing and maintaining ATO, IATT, SSP, POA&M, and Continuous Monitoring documentation


• Experience supporting vulnerability management and security compliance programs


• Strong problem-solving abilities with a demonstrated ability to resolve complex technical and security challenges

Education:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Assurance, or related field (or equivalent experience)

Clearance:

• Active TS/SCI Clearance (Required)

Desired Skills:


Experience:

• Experience supporting AWS Landing Zone Accelerator (LZA) environments


• Experience supporting DoD or Intelligence Community cloud environments


• Experience operating within classified multi-domain environments

Certifications:


One or more of the following certifications preferred:

• CISSP


• CISM


• CAP


• CASP+


• DoD 8570/8140 IAM Level II Certification


• DoD 8570/8140 IAT Level III Certification

Compensation:


At Graham Technologies, we believe in treating everyone with fairness and respect. Our compensation package is designed to ensure fair pay for work, reflecting our commitment to integrity.


Many IT companies offer similar services, but what truly sets us apart is our people! We care deeply about our employees and consistently show our appreciation-not just for the final outcomes, but also for the effort and dedication shown every step of the way. Additionally, our generous benefits package supports our team members in living fulfilling and prosperous lives.


Here are just a few highlights of what we offer:

• Four Weeks of Accrued PTO in the First Year


• Eleven Paid Federal Holidays


• Comprehensive Health, Dental, Vision, and Life Insurance


• 401(k) Plan with Annual Employer Contributions


• Flexible Schedules


• Reimbursements for Continued Education and Training

Why Graham Technologies?


Our core values define who we are:

• Value our Customers


• Care about our Employees


• Passionate about Innovation


• Believe in a Strong Work Ethic


• Rely on Teamwork


• Integrity Matters

Founded in 2007, GTech is a consulting services firm passionate about delivering tailored solutions that meet our clients' needs and maximize the value of their investments. We achieve this by providing top-notch professionals across the IT industry. Our team embodies integrity, commitment, and reliability, which are at the heart of everything we do.


We are also dedicated to fostering a culture of support for our employees-the lifeblood of our business. At Graham Technologies, we've built a family-oriented environment where team members are encouraged to maintain a healthy work-life balance, pursue their passions, and grow professionally through flexible schedules, continued education, and a strong sense of community.