Own the day-to-day security authorization posture of assigned DoD information systems
Work within a well-resourced team with dedicated engineering, operations, and architecture support
Develop expertise in modern RMF tooling including eMASS and eMASSer automation
Directly support mission continuity by managing ATO packages and continuous monitoring programs
Grow into a senior GRC role with clear advancement pathways
Develop, maintain, and update System Security Plans (SSPs) for assigned systems
Manage Plans of Action & Milestones (POA&Ms) from identification through remediation and closure
Compile and submit Authorization to Operate (ATO) packages
Conduct continuous monitoring activities per established strategy
Utilize eMASS for GRC management and RMF workflow tracking
Coordinate with Information System Security Engineers (ISSEs) and Security Operations (SecOps) to validate control implementations
Develop Security Assessment Plans (SAPs) and support Security Assessment Report (SAR) coordination
Draft supply chain risk management plans
Support the Cybersecurity Architect with RMF strategic planning

Active Secret or Top Secret clearance
3–5 years of RMF/ATO experience within DoD or federal environments
Hands-on experience with eMASS
Working knowledge of NIST SP 800-53r5 and DoD RMF processes
Demonstrated ability to independently author SSPs and manage POA&Ms
Required Certification: DoD 8140.03M DCWF Basic tier certification — CEH
Desired Certification: DoD 8140.03M DCWF Intermediate tier certification — one of: CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP-A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, or Security+
Desired Education: Bachelor’s degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering

Information Systems Security Officer – ISSO

Key skills