Information Systems Security Officer; ISSO

Information System Security Officer (ISSO)

Location:

On‑Site in Arlington, VA.

Department:
Cyber Security Services.

Reports To:

Management.

FLSA Status:
Full Time/Non‑exempt.

Apavo is a leader in cybersecurity services for military, defense, and critical infrastructure industries. We value quality, communication, and a work‑life balance, fostering a growth mindset among all team members. This role gives you an opportunity to make a meaningful impact while growing professionally.

The Information System Security Officer supports the Information System Security Manager, advising on technical matters to maintain the security posture of systems and providing input on architecture, policies, and procedures. The ISSO oversees continuous monitoring and ensures compliance with cybersecurity policies.

• Support the development and maintenance of the organizational or system‑level cybersecurity program.
• Identify stakeholders and manage RMF activity requirements to establish accountability and access approvals.
• Maintain status of artifacts and repositories for system‑level cybersecurity documentation.
• Ensure appointments in accordance with RMF 800‑37 guidance and established policies.
• Monitor compliance with cybersecurity policy and review monitoring results.
• Synchronize and coordinate cybersecurity inspections, tests, and reviews.
• Implement security measures and report incidents to the AO, coordinating system‑level responses to unauthorized disclosures.
• Handle possible or actual data spills of classified information within systems.
• Report configuration changes that may affect DoD authorization or security posture to the AO and stakeholders.
• Ensure secure configuration of IT below the system level before acceptance into a DoD system.
• Confirm all users have required security clearances and are aware of their responsibilities.
• Initiate protective or corrective measures for discovered incidents or vulnerabilities, ensuring a reporting process for authorized users.
• Update all DoD system cybersecurity documentation and make it available to authorized individuals.
• Perform additional duties assigned in support of corporate cybersecurity services.

This is typical office or administrative work with no exposure to adverse environmental conditions. The position requires sedentary work, defined as occasional lifting of up to 10 pounds and predominantly sitting.

• Bachelor’s degree.
• Associate’s degree with 2+ years relevant experience, or high school diploma/GED with 4+ years relevant experience.
• 5+ years relevant experience.
• IAT Level II Certification.
• DoD Top Secret Clearance required with eligibility for SCI.
• Systems Security Engineering background preferred.
• Effective communication skills for cross‑functional collaboration.
• Strong analytical skills for identifying vulnerabilities and documenting control implementation.
• Knowledge of system artifact requirements for a System Security Plan.
• Familiarity with AWS and CSP requirements for System Impact Analysis and Documented Risk Acceptance.
• Jira and Agile SAFe experience or ability to learn is required.
• Detail‑oriented with ability to manage multiple tasks and prioritize.
• Comprehensive knowledge of RMF activities and ability to articulate to executive audiences.
• Familiarity with Federal, NIST, DOD and IC security policies.
• Familiarity with federal regulatory requirements, contractual obligations, and industry standards related to information security, including Privacy, GDPR, and HIPAA compliance.

Apavo Corporation provides equal employment opportunities to all applicants and employees and strictly prohibits discrimination in regard to race, religion, age, color, sex, disability status, national origin, genetics, sexual orientation, protected veteran status, gender expression, gender identity, or any other characteristic protected under federal, state, and/or local laws. Consistent with the Americans with Disabilities Act, the company provides reasonable accommodations when requested.