Information System Security Officer - ISSO

  • SAN ANTONIO, TX
  • Posted 6 hours ago | Updated 6 hours ago

Overview

On Site
Full Time

Skills

Security Clearance
Information System Security
NIST SP 800 Series
FIPS
Management
Authorization
Workflow
SCA
Information Systems
Documentation
System Security
Security Analysis
Security Controls
Security Awareness
Training
Roadmaps
Testing
Incident Management
Continuous Monitoring
Collaboration
Software Development
Artificial Intelligence
Data Collection
SEC
SSCP
GSEC
Cisco Certifications
CISM
CISSP
ISSMP
GCIA
GCIH
DoD
Regulatory Compliance
Risk Management Framework
RMF
Cyber Security
eMASS
SCAP
STIG
MDE
Analytical Skill
Problem Solving
Conflict Resolution
Communication
Information Technology
Systems Engineering
FOCUS

Job Details

Job ID: 2508943

Location: SAN ANTONIO, TX, US

Date Posted: 2025-08-21

Category: Cyber

Subcategory: Cybersecurity Spec

Schedule: Full-time

Shift: Day Job

Travel: Yes, 10% of the Time

Minimum Clearance Required: None

Clearance Level Must Be Able to Obtain: None

Potential for Remote Work: No

Description

Job Description:

We are seeking an experienced Information System Security Officer (ISSO) with expertise in Department of Defense (DOD) compliance standards and a strong familiarity with NIST (National Institute of Standards and Technology) RMF (Risk Management Framework) and the Authority to Operate (ATO) process. In this role, you will be responsible for ensuring the security and compliance of information systems within a DoD environment.

Key Responsibilities:

DoD Compliance: Coordinate and execute efforts to ensure that information systems, processes, and organization policy comply with Department of Defense (DOD) cybersecurity and regulatory requirements and standards. This includes DoD 5400 Series, NIST SP 800-53, NIST SP 800-37, NIST SP 800-60, and FIPS 140-2, with some level of awareness regarding Trade Agreement Act (TAA) and Clinger Cohen Act (CCA) compliance.

ATO: Assist in the management of the Authorization to Operate (ATO). Collaborate with relevant stakeholders to ensure timely and successful processing of eMASS (Enterprise Mission Support Service) workflows. This includes preparing and submitting artifacts, conducting security assessments, and liaising with the Authorizing Official (AO) SCA (Security Control Assessor) Team.

Security Assessments: Perform risk and vulnerability assessments on information systems and software to identify weaknesses. Utilize ACAS (Assured Compliance Assessment Solution) and/or Tenable, Inc. products to provide mitigation and/or remediation guidance to applicable stakeholders.

Security Documentation: Coordinate and collaborate with DCWF (Defense Cyber Workforce) personnel to develop, update, and continuously monitor security documentation, including but not limited to System Security Plans (SSPs), Security Assessment Reports (SARs), Plan of Action and Milestones (POA&Ms), security control implementation plans, and assessment procedure test results.

Security Awareness: Promote a culture of cybersecurity awareness by educating staff and stakeholders about emerging cybersecurity policies and best practices. Adhere to DoD 8140 guidelines to ensure cybersecurity training and awareness programs remain active and all DCWF personnel remain on their compliance roadmap.

Incident Response: Contribute to the creation, implementation, continuous monitoring, and annual testing of the Incident Response Plan (IRP). Participate in incident response activities as necessary.

Continuous Monitoring: Collaborate in maintaining the continuous monitoring strategy; assist in the observation and analysis of detected threats and/or compliance violations.

Collaboration: Collaborate with cross-functional teams, including IT, engineering, software development, and AI/data collection teams, to ensure security requirements are integrated into system designs and processes.

Qualifications

Qualifications:

Bachelor's degree and 5 years of experience, or relevant years of experience in lieu of a degree.

Intermediate or Advanced 8140 certificates, one or more of the following:

  • Intermediate: Sec+, SSCP, GSEC, CGRC/CAP, CCSP, CCISO, CASP+
  • Advanced: CISM, CISSO, CISSP, CISSP-ISSMP, GCIA, GCIH, GCSA, GICSP, GSLC

Minimum of 3 years of experience as an ISSO or in a similar role.

In-depth knowledge of DOD compliance standards, including NIST, RMF, and DODI 8500 Series.

Proven experience in executing ATO processes and achieving ATO approvals.

Familiarity with cybersecurity tools such as eMASS, SCAP, STIGs, MDE, MDfS, MS Sentinel and ACAS.

Strong analytical and problem-solving skills.

Excellent written and verbal communication skills.


Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About SAIC