Information Systems Security Officer

Overview

On Site
Full Time

Skills

Attention To Detail
Microsoft Excel
Adaptability
Information Security
Integrated Circuit
Internal Communications
IC
Cyber Security
Security Analysis
Continuous Monitoring
Risk Assessment
Vulnerability Assessment
System Security
Information Systems
Security Awareness
Training
Communication
NIST SP 800 Series
Risk Management Framework
RMF
ICD
CNSS
DoD
STIG
FISMA
FedRAMP
Management
Documentation
Security Controls
SCA
SCTM
Nessus
Splunk
HBSS
eMASS
XACTA
Firewall
Virtual Private Network
IDS
IPS
DLP
PKI
Multi-factor Authentication
Operating Systems
Microsoft Windows
Linux
Unix
OS X
Cloud Computing
Microsoft Azure
Google Cloud
Google Cloud Platform
Cloud Security
Vulnerability Scanning
Security QA
Incident Management
Collaboration
JIRA
Confluence
ServiceNow
Authorization
Auditing
Regulatory Compliance
Reporting
CISSP
CISM
Certified Ethical Hacker
Amazon Web Services

Job Details

Job Description:

Base-2 Solutions is seeking a dedicated and detail-oriented Information Systems Security Officer (ISSO) to join our team. Our ISSOs are responsible for ensuring the security posture of mission-critical systems by supporting compliance efforts, managing risk, and enforcing security policies. We're looking for individuals who excel at navigating complex cybersecurity environments, maintaining meticulous documentation, and fostering collaboration between technical teams and government stakeholders. The ideal candidate will have strong knowledge of security regulations, be adaptable, and possess excellent communication skills to drive information security initiatives forward.

Responsibilities:

  • Ensures system compliance with federal, DoD, and IC cybersecurity regulations and standards, including NIST, ICD 503, CNSS, and RMF.

  • Maintains and updates security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), Plan of Action and Milestones (POA&Ms), and Continuous Monitoring Plans.

  • Coordinates and supports security assessments, audits, and inspections by internal and external stakeholders.

  • Conducts risk assessments and vulnerability analysis, providing recommendations for mitigating identified risks.

  • Facilitates and oversees system authorization activities in accordance with the Risk Management Framework (RMF) process.

  • Monitors and reports on system security posture, incident response, and remediation efforts.

  • Collaborates with Information Systems Security Engineers (ISSEs), system administrators, and program managers to integrate security requirements into system lifecycle.

  • Provides security awareness training to system users and enforces proper security practices.

  • Acts as a liaison between the organization and government customers, ensuring timely communication of security updates and issues.

Experience with some or all of the following:

  • Security frameworks and policies: NIST SP 800-53, RMF, ICD 503, CNSS, DoD STIGs, FISMA, FedRAMP

  • Experience managing security documentation: SSPs, POA&Ms, Security Controls Assessment (SCA) artifacts, SARs, SCTM

  • Security tools such as ACAS, Nessus, Splunk, HBSS, eMASS, Xacta

  • Knowledge of security technologies: Firewalls, SIEMs, VPNs, IDS/IPS, DLP, PKI, Multi-Factor Authentication

  • Operating systems: Windows, Linux, Unix, macOS

  • Experience with Cloud environments (AWS, Azure, Google Cloud) and cloud security controls

  • Familiarity with Vulnerability scanning, Security testing, Incident response processes

  • Collaboration tools like JIRA, Confluence, ServiceNow

  • Strong knowledge of system authorization process, audit support, and compliance reporting

  • Security certifications such as CISSP, CAP, Security , CISM, CEH, AWS Security Specialty
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.