Job ID: 2611683
Location: Springfield, VA, US
Date Posted: 2026-04-20
Category: Information Technology
Subcategory: IT Sys Integration
Schedule: Full-Time
Shift: Day Job
Travel: Yes - 10% of the time
Minimum Clearance Required: TS.SCI
Clearance Level Must Be Able to Obtain: TS/SCI with Poly
Potential for Remote Work: ORA_ON_SITE
Description SAIC is seeking a motivated and skilled
Information Systems Security Officer (ISSO) to support cybersecurity and compliance activities for mission-critical IT systems on the
MAJESTIC Joint Program Office (JPO) Team. In this role, the ISSO will be responsible for implementing, managing, and assessing system security controls to ensure compliance with government regulations, standards, and best practices, including
NIST 800-53,
RMF, and other federal security policies.
The ideal candidate will work closely with system owners, administrators, and cross-functional security teams to assess risks, maintain security postures, and ensure the confidentiality, integrity, and availability of information systems that support the mission.
This role requires on-site support
in Springfield, VA.
Key Responsibilities: - Ensure compliance with Risk Management Framework (RMF) requirements by developing, maintaining, and assessing system security artifacts, including System Security Plans (SSPs), POA&Ms, and applicable policies and procedures.
- Implement and validate security controls in alignment with NIST 800-53, associated overlays, and system-specific requirements.
- Support the Accreditation and Authorization (A&A) process, including preparing documentation and achieving and maintaining system Authority to Operate (ATO) status.
- Conduct risk assessments and vulnerability analysis, identify potential threats and weaknesses, and provide recommendations for mitigation.
- Work with IT teams to implement system hardening for platforms, applications, and networks in compliance with DISA STIGs and cybersecurity best practices.
- Perform continuous monitoring of systems using tools such as Splunk, ACAS, or SolarWinds, ensuring real-time threat detection, event notifications, and security compliance validation.
- Collaborate with cross-functional teams, including system administrators, developers, and ISSMs, to address security risks, system vulnerabilities, and security incidents.
- Support incident response activities by conducting forensic analysis, generating reports, and coordinating efforts to remediate and recover from security events.
- Provide cybersecurity awareness training for users and team members to ensure adherence to organizational security requirements and best practices.
- Prepare and deliver security status updates, risk reports, and briefings to senior stakeholders and leadership.
- Develop and maintain system documentation, including security control implementation descriptions, policies, and SOPs.
Qualifications Education: Certifications (CWF Requirements): - Candidates must satisfy Cybersecurity Workforce Framework (CWF) ID 722 (Information Systems Security Manger (ISSM) - Intermediate Level) requirements, as outlined by Navy COOL .
This requirement can be met by possessing one or more of the following qualifying certifications:
- Certified Chief Information Security Officer (CCISO)
- Certified Cloud Security Professional (CCSP)
- Certified in Governance Risk and Compliance (CGRC)
- Certified Information Systems Security Officer (C)ISSO)
- CompTIA Cloud+
- CompTIA Security+
- CompTIA SecurityX (formerly CASP+)
- GIAC Cloud Security Automation (GCSA)
- GIAC Continuous Monitoring Certification (GMON)
- GIAC Security Essentials Certification (GSEC)
- Systems Security Certified Practitioner (SSCP)
OR This requirement can be met through:
- A Bachelor's Degree in Cybersecurity, Computer Science, IT, or a related field.
Experience: - 2-5 years of professional experience managing and supporting enterprise-level IT environments.
Technical Skills: - Deep understanding of security frameworks, including NIST 800-53, RMF, and/or DoD 8510.01.
- Experience developing and maintaining System Security Plans (SSPs) and managing POA&Ms for compliance and audit purposes.
- Proficiency with vulnerability scanning tools and security analysis platforms, such as Nessus, ACAS, or Qualys.
- Knowledge of security controls implementation and system hardening using DISA STIGs or CIS Benchmarks for platforms and network-enabled devices.
- Familiarity with monitoring tools such as Splunk, SolarWinds, or other SIEM solutions for proactive security monitoring and incident management.
- Strong understanding of Windows Server and Active Directory security, including account policy configurations and group policy enforcement.
- Basic knowledge of Red Hat Enterprise Linux (RHEL) for security configurations and patching.
- General understanding of networking concepts, security configurations, and protocols (e.g., TCP/IP, VLANs, IPsec, firewalls).
- Ability to conduct risk assessments, analyze vulnerabilities, and make actionable recommendations to remediate threats.
- Strong analytical and technical writing skills for maintaining security documentation, incident reports, and audit artifacts.
Preferred Certifications (In Addition to CWF Requirements): - Certified Information Systems Security Professional (CISSP) or equivalent advanced certifications.
- Knowledge of continuous monitoring tools and automated compliance tracking systems.
- Familiarity with encryption standards, PKI infrastructures, and secure key management practices.
- Hands-on experience with virtualized environments and hyper-converged platforms, such as VMware or Nutanix.
- Familiarity with ITIL v4 frameworks for managing IT operations and processes.
Clearance Requirement: - Active TS/SCI clearance with the ability to obtain and maintain a TS/SCI with Poly.
Work Environment and Notes: - On-Site Work: All work must be conducted on-site in Springfield, VA.
- Program Scope: Supports on-premises enterprise IT environments, including virtualized Windows servers, MS SQL Server databases, and networking layers.
- Subcontractor Role: Responsibilities and compensation vary based on the subcontract agreement, with a competitive salary aligned to market rates and role-specific requirements.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 10111346
- Position Id: 2611683
- Posted 5 hours ago
Never miss an opportunity! Create an alert based on the job you applied for.