Information Systems Security Officer (ISSO) / System Administrator

About The Position

Requirements

• 5+ years of experience as an ISSO or in a similar cybersecurity role.
• 3+ years of experience providing IT support for SAP and SCI information systems.
• Proven, in-depth experience with the entire Risk Management Framework (RMF) lifecycle and the ATO process.
• Demonstrated experience creating security artifacts (SSPs, diagrams, risk assessments).
• Strong understanding of Program Management fundamentals.
• Ability to perform technical writing for policies, SOPs, and work instructions.
• Experience with vulnerability management tools (ACAS, Nessus) and system hardening (STIGs).
• DoD 8140 IAM Level I Certification (e.g., Security+ CE).
• TS clearance with current in-scope SSBI required
• Ability to obtain and maintain SCI/SAP/STO/NATO clearances required.
• US Citizenship is required for this position.

Nice To Haves

• Cloud Expertise: Experience with cloud architecture and infrastructure (AWS, Azure), particularly in a secure government environment.
• Advanced Certifications: CISSP or CISM (fulfills DoD 8140 IAM Level II).
• System Administration: Hands-on experience as a System Administrator for Windows and Linux operating systems. OS certifications (e.g., RHCSA, Microsoft Certified) are a plus.
• Networking: Network+ certification or equivalent knowledge of network architecture and protocols.
• Scripting: Experience with scripting languages (e.g., PowerShell, Bash) for automation.
• Background: General knowledge of military platforms, electronic warfare systems, and COMSEC procedures.
• Experience working on-site in a government client environment

Responsibilities

• Risk Management Framework (RMF): Lead the end-to-end RMF process to obtain and maintain the Authority to Operate (ATO) for new and existing systems.
• Security Artifacts & Documentation: Create, review, and maintain all required RMF artifacts, including system security plans (SSPs), network diagrams, and risk assessment reports.
• Policy & Procedure Management: Conduct annual reviews of all cybersecurity policies. Create, update, and manage technical documentation, including Standard Operating Procedures (SOPs) and work instructions.
• Vulnerability Management: Perform cyber impact evaluations and implement corrective actions for Information Assurance Vulnerability Alerts (IAVAs). Oversee and verify system hardening using tools like STIGs.
• Auditing & Monitoring: Utilize security tools such as ACAS (Assured Compliance Assessment Solution) to perform regular system audits and ensure compliance. Monitor system logs and respond to security incidents.
• Stakeholder Collaboration: Serve as a primary cybersecurity advisor, effectively communicating risk and strategy to stakeholders including the AO, Wing ISSM, and Squadron Commanders.
• System Maintenance: Perform day-to-day maintenance, including server and client updates, software installation, and applying security patches across Windows and Linux environments.
• Configuration Management: Implement and maintain a robust configuration management program to ensure the integrity and baseline control of all systems.
• User & Account Management: Create and manage system accounts, conduct user training on security protocols, and serve as a point of contact for technical support.
• Data Transfers: Securely perform data extractions and transfers between system boundaries with differing classification levels, ensuring data integrity and compliance with all security protocols.
• Network & Hardware Support: Provide foundational IT support, troubleshoot hardware and software issues, and ensure network performance meets operational needs.