Information Security Systems Officer (ISSO)

Colorado Springs, CO
Permanent
Full-time

1 month ago

Job DescriptionJob Description: Sigmatech is seeking a qualified Information Systems Security Officer (ISSO) to support the National Security Space Institute (NSSI) by ensuring information systems comply with federal cybersecurity policies and the Risk Management Framework (RMF). The ISSO will coordinate with IT professionals, system owners, and cybersecurity personnel to secure systems throughout their lifecycle and support mission assurance through security compliance. Job responsibilities for this position include:

Support and maintain compliance with DoD, AF, and NIST cybersecurity policies (e.g., NIST SP 800-53, DoDI 8510.01).
Assist with RMF Assessment & Authorization (A&A) efforts and maintain ATO packages using tools such as eMASS and/or XACTA.
Develop, maintain, and update key cybersecurity documentation (SSPs, POA&Ms, SARs, CONOPs).
Monitor and respond to cybersecurity vulnerabilities, incidents, and audit findings across assigned systems.
Conduct periodic security reviews, self-assessments, and system audits to support Continuous Monitoring.
Track user training, privileged access, and security control implementation.
Coordinate with the ISSM on system configurations, STIG compliance, and patch management.
Support incident response, reporting, and mitigation activities per DoD/AF requirements.
Assist in implementing cybersecurity solutions in cloud and hybrid environments.

Experience and SkillsTasks:

Document and manage RMF security controls and implementation evidence.
Identify and mitigate system vulnerabilities and threats.
Provide just-in-time cybersecurity guidance and troubleshooting to system users and administrators.
Perform security impact assessments of changes to the system and assist with configuration management processes.
Maintain awareness of cybersecurity trends, DoD policy changes, and relevant compliance requirements.

Skills:

Skill in analyzing and documenting security incidents and risk assessments.
Skill in using vulnerability scanning tools (e.g., ACAS/Nessus).
Skill in interpreting cybersecurity compliance frameworks and regulations.
Skill in collaborating with IT teams, ISSMs, and stakeholders to communicate security status and recommendations.

Knowledge:

Knowledge of RMF processes and NIST cybersecurity frameworks.
Knowledge of DoD/AF cybersecurity policies and procedures.
Knowledge of eMASS, XACTA, and DISA STIGs.
Knowledge of network security, operating systems, and cloud computing environments.
Understanding of system life cycle security principles and software/system hardening practices.

Ability:

Ability to interpret and implement complex cybersecurity guidance.
Ability to coordinate technical and administrative tasks to meet accreditation timelines.
Ability to communicate clearly, both orally and in writing, with technical and non-technical audiences.

Compliance Per DoD 8140 Qualification Matrix: Intermediate Proficiency LevelEducation: Bachelor’s Degree in Cybersecurity, Information Technology, Computer Science, or a related field from an ABET-accredited or NSA/CAE-designated institution. Master’s Degree preferred. 5+ years of relevant experience in DoD cybersecurity roles is desired.Personnel Certification: Security+, CISSP, CAP, CND, CySA+, SSCP, GSEC, or equivalent IAT Level II/III or IAM Level I/II certificationClearance: Top Secret (SCI eligible) requiredIn compliance with Colorado’s Equal Pay for Equal Work Act, the salary range for this role is $100 - $150/hr; however, Sigmatech considers several factors when extending an offer, including but not limited to, experience, education/training, key skills, location, and often contractual requirements.EEO employer**This position is for an independent consultant (1099), there are no benefits associated with this position. This work will be performed up to but not past 28 Feb 26. While it is possible, there is no guarantee of work past this date. **

Sigmatech

Apply Now