Information Systems Security Officer

Job Number: R0236862

Support mission‑critical national security programs as the lead Information Systems Security Officer (ISSO) overseeing the full lifecycle of Risk Management Framework (RMF) authorization activities. You will rely on cybersecurity and Information Assurance (IA) background to be a technical leader and support Enterprise activities and Booz Allen customers throughout multiple classified computing domains. You will assume responsibility for ensuring all Information System Security policies, standards, and directives are enforced to support assessment, authorization and continued operation of information systems processing classified information.

You will define security expectations, drive the remediation of vulnerabilities, and collaborate across multidisciplinary teams to ensure systems remain authorized, protected, and mission ready.

• Lead RMF authorization activities, including system categorization, control selection, assessment preparation, authorization packages, technical vulnerability assessments, and ongoing monitoring.
• Oversee vulnerability management cycles, including ACAS reviews, CVE analysis, plugin evaluation, POA&M development, and mitigation coordination.
• Direct the development, maintenance, and accuracy of all A&A artifacts, such as SSP, POA&M, CONOPS, and monitoring plans.
• Manage audit log collection, review, dashboard analysis, and reporting through SPLUNK and other enterprise tools.
• Ensure system incident response and recovery efforts follow approved procedures and maintain full security functionality.
• Serve as the central point of contact for security posture, policy interpretation, and compliance guidance.

As an ISSO in a high‑visibility mission space, you will protect systems critical to national security. You will be empowered to drive RMF excellence, influence system design and security decisions, and mentor technical teams in secure operations.

Join us. The world can’t wait.

• 5+ years of experience with NIST 800‑53, ICD 503, RMF, and secure system operations
• Experience developing and maintaining A&A artifacts
• Experience with STIGs, Tenable scanning, mitigation of ACAS results, CVE research, and vulnerability remediation coordination
• Experience solving technical problems quickly and identifying opportunities to automate repetitive processes
• Experience building or reviewing SPLUNK dashboards and audit analysis
• Experience with Cybersecurity in the IC community
• Knowledge of network security principles and practices
• TS/SCI clearance with a polygraph
• HS diploma or GED
• IAM Level III certification, such as CISSP, GSLC, or CISM

• Experience as an ISSO, ISSM, ISSE, or SCA supporting classified programs
• Experience coordinating and documenting data spill response activities
• Possession of strong communication and leadership skills
• Bachelor's degree in a Cybersecurity or IT related field preferred
• CCNA, Red Hat, or Windows certification

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well‑being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work‑life programs, and dependent care. The projected compensation range for this position is $77,600.00 to $ (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees.

This posting will close within 90 days from the Posting Date.

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.