Information System Security Officer (ISSO) with TS/SCI CI Poly Clearance

Responsibilities

• Lead RMF/ICD-503 Assessment & Authorization (A&A) activities; coordinate with NGA DAOs/DAORs to achieve/maintain ATO.

• Maintain security documentation (SSPs, POA&Ms, SIA/SIAs, CONOPS, ITDR) in Service+ (ServiceNow), XACTA/XACTA 360, and NPT/CIO tools.

• Drive security changes via steering groups/review boards; track milestones and risk burn-down.

• Perform/control testing of security controls; assess Zero Trust/defense-in-depth effectiveness and compliance with IC/DoD/NIST/DISA standards.

• Operate the vulnerability management program across (U)/(S)/(TS) enclaves using Nessus and Tenable-ACAS; analyze results, prioritize fixes, verify mitigations, and manage POA&M status.

• Advise lab and operations teams on secure SDLC, hardening (e.g., STIGs), and best practices; resolve complex security issues.

• Address IA/cyber directives, vulnerability and patch tasking; document changes, upgrades, and connectivity configurations.

• Provide user training; manage access provisioning and IAA (identification, authentication, authorization).

• Collaborate with Systems Engineers/Admins, Senior ISSO/ISSMs, Lab Team, and Corporate Security to sustain an effective security posture.

Basic Qualifications

• U.S. citizenship (per contract).

• BS degree and 8–12 years of relevant ISSO/ cybersecurity experience.

• Demonstrated application of ICD-503 and NIST RMF; familiarity with customer mission/security operations.

• Experience with: XACTA (XACTA 360 preferred), HBSS, ACAS, Nessus, Splunk.

• Strong written/verbal communication; ability to brief leadership and lead cross-functional efforts.

Preferred Qualifications

• 3+ years operating/analyzing vulnerability scans (Nessus, Tenable Security Center or similar) with proven remediation outcomes.

• Active CISSP or CISM.

• Intelligence Community experience; knowledge of AWS/C2S and modern Zero Trust implementations.