We are seeking a Journeyman Information Systems Security Officer (ISSO) to support a Department of Defense cybersecurity mission at Pope Army Airfield, NC. This role will support Risk Management Framework (RMF) implementation and security authorization activities for C2ISR information systems and networks, ensuring compliance with DoD cybersecurity requirements and mission security standards.

The ISSO will work closely with system owners, engineers, and cybersecurity personnel to maintain system security documentation, support authorization activities, and ensure continuous monitoring of mission-critical systems.

Responsibilities

• Support Risk Management Framework (RMF) implementation for DoD information systems.
• Develop and maintain RMF documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms).
• Assist with ATO, IATT, and ATC authorization packages.
• Conduct security control assessments and validation of implementation evidence.
• Support integration of RMF requirements into system engineering and acquisition lifecycles.
• Identify and recommend remediation actions for security control gaps and vulnerabilities.
• Support continuous monitoring programs and compliance validation.
• Assist with Cyber Operational Readiness Assessments (CORA), IG inspections, and cybersecurity audits.
• Conduct STIG reviews and compliance assessments.
• Maintain documentation and evidence required for system accreditation and security compliance.

Technologies & Tools

RMF & Compliance Platforms

• eMASS
• Xacta
• Archer GRC

Security Monitoring & Compliance

• DISA STIG Viewer
• SCAP compliance scanners
• Splunk
• Elastic
• ArcSight

Vulnerability Assessment

• Nessus
• Qualys
• OpenVAS

Security Infrastructure

• ServiceNow
• Jira Service Desk
• PKI certificate management
• TACLANE encryption devices

Required Qualifications

• Active TS/SCI clearance
• Experience supporting DoD RMF authorization processes
• Experience developing security documentation and accreditation packages
• Familiarity with NIST SP 800-53 and DoD RMF frameworks
• Ability to collaborate with system owners, engineers, and cybersecurity teams

Certification Requirement

Candidates must meet DoD 8140 requirements and obtain a DoD-approved IA baseline certification for ADP-III / IT-III based on the IAT level and CE/Operating System certification within six (6) months of assignment.