Senior ISSO RMF Lead IC Cyber Defense
Listed on 2026-07-14
-
IT/Tech
Cybersecurity, Information Security
• Support mission-critical national security programs as the lead Information Systems Security Officer (ISSO)
• Oversee the full lifecycle of Risk Management Framework (RMF) authorization activities
• Lead RMF authorization activities, including system categorization, control selection, assessment preparation, authorization packages, technical vulnerability assessments, and ongoing monitoring
• Oversee vulnerability management cycles, including ACAS reviews, CVE analysis, plugin evaluation, POA&M development, and mitigation coordination
• Direct the development, maintenance, and accuracy of all A&A artifacts, such as SSP, POA&M, CONOPS, and monitoring plans
• Manage audit log collection, review, dashboard analysis, and reporting through SPLUNK and other enterprise tools
• Ensure system incident response and recovery efforts follow approved procedures and maintain full security functionality
• Serve as the central point of contact for security posture, policy interpretation, and compliance guidance
Requirements
- 5+ years of experience with NIST 800‑53, ICD 503, RMF, and secure system operations
- Experience developing and maintaining A&A artifacts
- Experience with STIGs, Tenable scanning, mitigation of ACAS results, CVE research, and vulnerability remediation coordination
- Experience solving technical problems quickly and identifying opportunities to automate repetitive processes
- Experience building or reviewing SPLUNK dashboards and audit analysis
- Experience with Cybersecurity in the IC community
- Knowledge of network security principles and practices
- TS/SCI clearance with a polygraph
- HS diploma or GED
- IAM Level III certification, such as CISSP, GSLC, or CISM
🔍 ATS Optimization Keywords
Below are skills and terms extracted directly from this job posting to improve Applicant Tracking System (ATS) visibility. This unique feature helps candidates tailor their applications more effectively — a feature exclusive to Job Tailor job listings.
Hard Skills
- Risk Management Framework (RMF)
- NIST 800-53
- ICD 503
- vulnerability management
- audit log collection
- SPLUNK
- STIGs
- Tenable scanning
- CVE research
- vulnerability remediation
Soft Skills
- problem solving
- automation
- communication
- leadership
- policy interpretation
- compliance guidance
Certifications & Qualifications
- IAM Level III
- CISSP
- GSLC
- CISM
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).