Information System Security Officer (ISSO)

Expertise and Functions

• Ensure all systems and applications meet DoD and Air Force cybersecurity requirements as directed by the Information System Security Manager (ISSM).

• Protect the confidentiality, integrity, and availability of systems, networks, and data by developing, implementing, and maintaining cybersecurity programs, policies, procedures, and security tools.

• Support all Risk Management Framework (RMF) authorization and accreditation activities, including configuration, artifact creation, documentation, and compliance reviews.

• Assist the ISSM in performing risk and vulnerability assessments on planned and operational information systems, identifying security gaps and recommending mitigation actions.

• Conduct security evaluations, audits, and reviews; support development of system contingency and disaster recovery plans; and promote user compliance with cybersecurity policies and training requirements.

• Participate in system and network design efforts to ensure appropriate security controls and RMF activities are incorporated from the start.

• Collect, analyze, and preserve digital evidence related to cybersecurity incidents or policy violations

• Maintain the operational security posture of assigned IT systems, monitor situational awareness, and implement actions to improve or restore cybersecurity resilience.

• Enforce Air Force cybersecurity policies, procedures, configuration guidelines (e.g., STIGs/SRGs), and change management processes.

• Maintain and audit authorized user access documentation and ensure users meet clearance, need‑to‑know, and annual training requirements.

• Report security incidents or vulnerabilities to the ISSM and support implementation of corrective or protective measures.

• Initiate and track exceptions, deviations, or waivers to cybersecurity requirements as needed.

• Other duties as assigned

Requirements

• Education/Training:

• Bachelor’s Degree preferred

• IAT Level II (Security+, GSEC, CCNA-Security, Certified Systems Security Professional (CISSP), or equivalent certification

• Must maintain required cybersecurity certifications in accordance with AFMAN 17‑1303.

Experience:

• 3+ years of experience in a related field in a DoD environment

• Experience supporting Risk Management Framework (RMF) activities and cybersecurity compliance

• Experience using eMASS for authorization packages, artifact management, and accreditation support

• Vulnerability assessment and risk mitigation analysis

• STIG/SRG implementation and configuration management

• Security audits, assessments, and incident response support

• Information system security and operational security posture management

• Secure system and network design support in DoD environments

• Ability to develop innovative approaches to complex test problems

• Strong attention to quality, adequacy, and completeness of test results and conclusions

• Ability to deliver thorough, timely, and efficient task execution

• Ability to provide clear analysis and recommendations to program test leadership

Security:

• Must be a US citizen

• Must have an active Secret clearance

Physical Requirements

• Able to occasionally reach with hands and arms
• Prolonged periods of computer screen use, while sitting or standing at a desk
• Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.)
• Able to safely lift and carry up to 20 pounds at a time

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Short Term & Long Term Disability
• Training & Development
• Wellness Resources

Salary:

The projected salary range for this position is $89,000 - $105,000. This is not a guarantee of compensation, rather actual salary will be based on experience, qualifications, and applicable certifications or degrees held. Offered salary may fall outside of this range.