Information Systems Security Officer; ISSO

About Us

Onyx Government Services, LLC., is a Service-Disable Veteran-Owned Small Business (SDVOSB), headquartered in Fairfax, Virginia. We specialize in data management, integration, and analysis solutions to provide decision-ready information to Command and Control (C2) and Decision Support Systems. We have demonstrated expertise in the field of Information Technology, database & COTS integration, and custom software development. Onyx pairs subject matter and functional experts with developers to provide high quality, tailored solutions.

In support of our various efforts, we have developed the Onyx Data Management Toolkit, a combination of Agile Development principles, COTS Integration, and custom software, to deliver flexible, cost-effective solutions to a variety of Department of Defense, Intelligence Community, and Law Enforcement agencies.

This position is contingent upon award

The ISSO / RMF Engineer owns TRDM's ATO lifecycle. Maintains eMASS package, manages POA&Ms, executes IAVM, runs STIG/ACAS scans, and integrates security across the SDLC. Supports cyber incident reporting per PWS §5 (72-hour timeline).

• Maintain TRDM Authority to Operate (ATO) in eMASS
• Produce evidence/artifacts for all applicable NIST 800-53 controls (95% quality threshold per PWS)
• Execute IAVM program; coordinate with 375th ESS and AMC/A6
• Run STIG/SRG, ACAS, and Fortify scans; remediate findings
• Maintain POA&Ms; track milestones and risk acceptance
• Lead annual security review (ASR)
• Report cyber incidents within 72 hours
• Support continuous monitoring per FedRAMP and DoD policy

• Active SECRET clearance
• US Citizen
• Bachelor's degree
• CISSP
• DoD 8570 IAT-II
• 7+ years cybersecurity / RMF
• 3+ years as ISSO on DoD systems
• Hands-on eMASS experience

• CAP
• DoD Zero Trust experience
• FedRAMP experience
• Prior USTRANSCOM or AMC RMF experience

Scott AFB, IL (508 Scott Drive). On-site primary; off-site permitted for unclassified work where noted. SIPRNet work on-site only.