Senior Information System Security Officer (ISSO)
Innovative Management & Technology Services
- Clarksburg, WV
- Permanent
- Full-time
Join a fast-growing company highly experienced in cyber security, cloud computing, virtualization, big data analytics, and project management! IMTS offers competitive compensation, excellent benefits including tuition reimbursement and employer-contributed 401K, and referral bonuses. We work with the best customers on-site at top government agencies.Job Title: Senior Information System Security Officer (ISSO)
Primary Location: Clarksburg, WV - Hybrid
Clearance: Top-Secret (TS)Position Summary:
We are seeking a highly skilled and mission-driven Senior Information Systems Security Officer (ISSO) to join our cybersecurity team supporting a critical government program. This position requires deep knowledge of federal cybersecurity standards, hands-on technical security expertise, and the ability to lead compliance efforts in a Scaled Agile Framework (SAFe) development environment. You will serve as a key security advisor across engineering, operations, and leadership teams to ensure enterprise systems remain secure, compliant, and resilient.
Responsibilities:
- Lead the implementation and maintenance of system security controls in compliance with federal cybersecurity frameworks, including NIST SP 800-53, RMF, OWASP, DISA STIGs, and Common Criteria.
- Oversee the full lifecycle of Authorization to Operate (ATO) processes, including preparation of System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and risk assessments.
- Serve as a senior security advisor and liaison to system owners, developers, DevOps engineers, and government stakeholders.
- Participate in technical reviews of system architecture and ensure secure design of virtualized and software-defined infrastructures.
- Support integration of security controls into CI/CD pipelines using DevSecOps principles and tools (e.g., Jenkins, GitLab CI, SonarQube, Snyk).
- Provide security engineering support for modern cloud environments, including AWS, Azure, or Google Cloud Platform, and assess cloud-native security capabilities.
- Conduct vulnerability assessments, interpret scan results from tools like Tenable, Nessus, Splunk, or Qualys, and lead remediation efforts.
- Mentor junior ISSOs and analysts on security policies, best practices, and tool usage.
- Ensure continuous monitoring activities are aligned with organizational risk tolerance and compliance goals.
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent combination of education and experience).
- 8+ years of progressive experience in information systems security, with at least 3 years in a senior-level or lead ISSO role supporting federal or state government agencies.
- Strong working knowledge of:
- NIST 800-53, RMF, FISMA, OWASP Top 10, and SANS Institute standards.
- SAFe Agile environments and integrating security in Agile workflows.
- Networking, Linux/Windows system administration, and secure software development practices.
- Cloud platforms (AWS, Azure, GCP) and related security tools (e.g., AWS Security Hub, Azure Defender).
- Experience in managing security documentation, participating in audits, and working with compliance frameworks.
- Relevant certifications such as CISSP, CISM, Security+, CEH, or equivalent.
- Active Top Secret clearance is required.
- U.S. Citizenship is required.
- Experience with Infrastructure-as-Code (IaC) tools such as Terraform, Ansible, or CloudFormation.
- Familiarity with container security (e.g., Kubernetes, Docker) and cloud-native application protection platforms (CNAPP).
- Prior work in defense, intelligence, or law enforcement IT environments.