Information Systems Security Officer

Overview

Information Systems Security Officer (ISSO)

A fast-growing space technology company is building modern, cloud-native mission operations software with the goal of transforming how satellites are operated. Their platform replaces fragmented legacy ground systems with an integrated, automation-driven approach, bringing modern software practices into space operations.

They are a small, high-performing team with strong aerospace and software backgrounds, working on real missions in a highly regulated environment. This is an opportunity to have a direct impact while working alongside ambitious, technically strong peers.

The Information Systems Security Officer (ISSO) will be responsible for establishing, implementing, and maintaining information security policies, standards, and procedures to ensure the confidentiality, integrity, and availability of classified and unclassified information systems.

You will lead the Risk Management Framework (RMF) process from end to end, working through Steps 1–6 to obtain and maintain Interim Authority to Test (IATT) and Authority to Operate (ATO) approvals for cloud-based classified systems. This includes engagement with Cognizant Authorization Officials, including government space and defense security bodies.

You will work closely with the Information Systems Security Manager (ISSM), Facility Security Officer (FSO), IT administrators, and government stakeholders to build and maintain a compliant, scalable security program.

Security policy and governance

• Develop and enforce information security policies, standards, and procedures aligned with CNSSI 1253, NIST SP 800-53, NIST SP 800-60, and applicable federal regulations
• Ensure policies remain current and responsive to evolving threats and vulnerabilities

Risk management and compliance

• Conduct regular risk and vulnerability assessments
• Implement mitigation strategies and manage RMF activities
• Maintain IATT and ATO status through formal assessments and continuous monitoring
• Support government-led security control assessments
• Develop and maintain an Incident Response Plan
• Lead investigations, containment, and remediation of security incidents
• Review and adjudicate SIEM alerts and events

System Security Plans

• Create and maintain System Security Plans (SSPs) within eMASS for SECRET and/or UNCLASS systems
• Collect and manage required artifacts, including policies, procedures, compliance evidence, and vulnerability reports

Training and collaboration

• Deliver security awareness and training for users of classified systems
• Act as a trusted security point of contact across technical and non-technical teams
• Continuously improve security processes and controls

• Active SECRET clearance, TS/SCI strongly preferred
• Bachelor’s degree in Information Security, Computer Science, or a related field

• 5+ years of experience in information security supporting government-authorized systems
• Strong knowledge of RMF, CNSSI, and NIST frameworks
• Hands-on experience with SIEM, IDS/IPS, STIG hardening, and vulnerability management tools
• Exposure to Kubernetes, cloud-based classified environments, CI/CD pipelines, and secure network architecture

• IAT Level II certification required (e.g., CompTIA Security+ or equivalent)
• IAT Level III preferred (e.g., CISSP, CISM, or equivalent)
• Strong communication and stakeholder management skills
• Analytical mindset with the ability to manage multiple priorities in a fast-paced environment

Export control requirements

Applicants must meet US export control requirements and be eligible to work on ITAR-regulated programs.

• Opportunity to work in a cutting-edge space technology environment
• High-impact role within a small, collaborative team
• Strong focus on work-life balance with generous time off
• Comprehensive health coverage and retirement contribution
• Regular company offsites and a culture where individual contributions genuinely shape the company’s direction