Job Requirements
Arlington, VA
Top Secret Polygraph Unspecified
Senior Level Career (10+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries
Job Description
New
(703) Cybersecurity Information System Security Officer (ISSO)
Arlington, VA
Apply
Company Summary
Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.
Position Description:
Arlo Solutions is seeking an experienced Information System Security Officer (ISSO) to support the Office of the Under Secretary of War for Acquisition & Sustainment (OUSW(A&S)). This hybrid position supports cybersecurity operations at the Pentagon and Alexandria, Virginia, providing leadership across the full DoD Risk Management Framework (RMF) lifecycle for multiple information systems supporting Controlled Unclassified Information (CUI) through classified environments. The ISSO serves as the primary cybersecurity advisor responsible for ensuring systems remain secure, compliant, and mission-ready by leading Assessment & Authorization (A&A), Continuous Monitoring (ConMon), cybersecurity governance, and risk management activities. The position requires close collaboration with Program Managers, Information System Owners, Engineers, Security Control Assessors (SCAs), Authorizing Officials (AOs), and senior Government leadership to integrate cybersecurity throughout the system lifecycle.
Location: Arlington, VA (Hybrid
Clearance: Active Top Secret Security Clearance (SCI eligibility preferred)
Responsibilities and/or Success Factors:
- Serve as the ISSM for multiple DoD information systems supporting OUSW(A&S) mission requirements.
- Lead all phases of the DoD Risk Management Framework (RMF), including system categorization, control implementation, assessment, authorization, and continuous monitoring.
- Develop and maintain RMF authorization packages, including System Security Plans (SSPs), Security Assessment documentation, Plans of Action & Milestones (POA&Ms), Continuous Monitoring artifacts, and supporting Body of Evidence (BoE).
- Coordinate Assessment & Authorization (A&A) activities supporting Authorization to Operate (ATO), Interim Authorization to Test (IATT), Authorization to Operate with Conditions (ATO-C), and system reauthorization.
- Manage Continuous Monitoring (ConMon), vulnerability management, STIG compliance, security control implementation, and cybersecurity reporting.
- Conduct cybersecurity risk assessments and provide recommendations supporting Authorizing Official (AO) risk decisions.
- Coordinate Security Control Assessments (SCAs), validate remediation activities, and ensure timely closure of assessment findings.
- Review system architectures, authorization boundaries, data flows, and proposed changes to maintain cybersecurity compliance.
- Provide cybersecurity guidance to Government leadership, Program Managers, engineers, ISSOs, ISSEs, and system administrators.
- Prepare executive briefings, authorization recommendations, and cybersecurity status reports for senior Government leadership.
- Support implementation of Zero Trust Architecture (ZTA), cloud security, DevSecOps, reciprocity, inherited controls, and enterprise cybersecurity governance initiatives.
Minimum Qualifications Including Certificates:
- Active Top Secret Security Clearance (SCI eligibility preferred)
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or related field (or equivalent experience)
- Minimum 8 years supporting DoD cybersecurity programs
- Minimum 5 years supporting DoD RMF and Assessment & Authorization activities
- Experience managing multiple RMF authorization packages and briefing senior Government leadership Excellent analytical, written, verbal, and presentation skills
- Candidates should meet applicable DoD 8140 Cyber Workforce Qualification Program requirements.
Preferred certifications include:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- CompTIA CASP+
- Certified Cloud Security Professional (CCSP)
Desired Qualifications:
Candidates should demonstrate experience with:
DoD Risk Management Framework (RMF) and Assessment & Authorization (A&A) Continuous Monitoring (ConMon) and cybersecurity governance System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessment Reports (RARs), and POA&M management Security control implementation, validation, inheritance, and reciprocity Vulnerability management, STIG compliance, ACAS, and cybersecurity reporting eMASS, Xacta, or comparable Governance, Risk, and Compliance (GRC) platforms Microsoft Windows, Linux, virtualization, enterprise networking, and cloud environments supporting FedRAMP High and the DoD Cloud Computing Security Requirements Guide (SRG) Zero Trust Architecture (ZTA) and secure system engineering principles
The ideal candidate is a proactive cybersecurity leader capable of managing multiple complex DoD information systems while balancing mission requirements, cybersecurity risk, and regulatory compliance.
Success in this role requires strong leadership, technical expertise, and the ability to communicate cybersecurity risk effectively to senior Government decision-makers while enabling secure modernization and mission success through disciplined application of the DoD Risk Management Framework.
AAP Statement
We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.
group id: 91131482