Information System Security Officer (ISSO)

Information System Security Officer (ISSO)

Department: Information Technology

Employment Type: Full Time

Location: Redondo Beach

Compensation: $95,000 - $125,000 / year

Description

As the Information System Security Officer (ISSO) at Impulse, is responsible for maintaining the operational security posture of assigned information systems and supporting the organization's information security program. Working under the direction of the Information System Security Manager (ISSM), the ISSO ensures that systems operate within their approved security authorization and comply with applicable regulatory and contractual security requirements.

The ISSO supports the Risk Management Framework (RMF) lifecycle for assigned systems, including development and maintenance of authorization documentation, continuous monitoring activities, vulnerability management, and coordination of system changes that may affect authorization status. This role requires close collaboration with IT administrators, engineers, and program management to ensure security controls are properly implemented while supporting operational mission requirements.

The ISSO serves as the day-to-day security point of contact for assigned systems and provides regular status updates to the ISSM regarding compliance posture, system changes, vulnerabilities, and potential security risks.

Responsibilities

• Support the ISSM in maintaining the security posture of assigned information systems.
• Assist in the development, implementation, and maintenance of RMF authorization documentation including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and supporting artifacts.
• Perform continuous monitoring activities including audit log review, configuration validation, vulnerability tracking, and security control verification.
• Coordinate system changes through configuration management processes and conduct security impact assessments for proposed modifications to hardware, software, or system architecture.
• Verify that user access is granted only to individuals with the appropriate clearance, authorization, training, and need-to-know.
• Track and manage vulnerabilities identified through vulnerability scans, security assessments, and compliance checks, ensuring remediation actions are documented and completed.
• Report cybersecurity incidents, anomalies, and security violations in accordance with organizational and government reporting requirements.
• Participate in configuration control boards (CCB) or change management activities when security impact assessments are required.
• Ensure system security documentation remains current, accurate, and available to authorized personnel.
• Support internal and external security inspections, authorization activities, and compliance assessments.
• Coordinate with IT and engineering teams to ensure systems are configured in accordance with approved security baselines and applicable DISA STIGs.

Regulatory Framework

This role operates within the following security and compliance frameworks:

• NISPOM (32 CFR Part 117)
• DoDI 8510.01 - Risk Management Framework (RMF)
• NIST SP 800-53 Security Controls
• NIST SP 800-171 (Protection of Controlled Unclassified Information)
• CMMC 2.0
• DISA Security Technical Implementation Guides (STIGs)
• DoD 8140 Cyber Workforce Framework

Minimum Qualifications

• DoD 8140 compliant certification meeting IAT Level II or IAM Level I requirements (e.g., Security+ CE, CAP, CASP+, CISM, CISSP)
• Experience supporting RMF authorization processes and maintaining system authorization documentation
• Experience developing and maintaining SSPs, POA&Ms, and related authorization artifacts
• Demonstrated knowledge of NIST SP 800-53 security controls
• Demonstrated knowledge of NIST SP 800-171 and CMMC Level 2 requirements
• Experience reviewing system logs and conducting security compliance reviews

Preferred Skills and Experience

• Familiarity with NISPOM requirements for cleared defense contractors
• Experience managing authorization packages within eMASS or similar RMF tools
• Experience applying DISA STIGs to operating systems and applications
• Experience with security and vulnerability management tools such as Nessus, Splunk, or SCAP/STIG Viewer
• Experience supporting security assessments, audits, or authorization activities
• Familiarity with COMSEC environments or classified system operations
• Experience supporting government contract security requirements including DD Form 254
• Experience managing security requirements across multiple programs or systems

Additional Requirements:

• U.S. Citizenship with an active Top Secret security clearance and eligibility for SCI access

Additional Information:

Compensation bands are determined by role, level, location, and alignment with market data. Individual level and base pay is determined on a case-by-case basis and may vary based on job-related skills, education, experience, technical capabilities and internal equity. In addition to base salary, for full-time hires, you may also be eligible for long-term incentives, in the form of stock options, and access to medical, vision & dental coverage as well as access to a 401(k) retirement plan.

Impulse Space's spacecraft manufacturing business is subject to U.S. export regulations including the International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR). This position requires applicants to be either U.S. Persons (i.e., U.S. citizen, U.S. national, lawful permanent U.S. resident (), an individual granted asylum in the U.S., or an individual admitted in U.S. refugee status) or persons eligible to obtain an export license from the U.S. Departments of State, Commerce, or other applicable U.S. government agencies. Learn more about the ITAR here.

Impulse Space is an Equal Opportunity Employer; employment with Impulse Space is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.