×
Register Here to Apply for Jobs or Post Jobs. X

Information System Security Officer; ISSO Security Clearance

Job in Fort Meade, Anne Arundel County, Maryland, USA
Listing for: ECS
Full Time position
Listed on 2026-07-13
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below
Position: Information System Security Officer (ISSO) with Security Clearance
Job Description Everforth ECS is seeking an Information System Security Officer (ISSO) to work onsite at our Ft. Meade, MD office. Everforth ECS is seeking an experienced Information System Security Officer (ISSO) to support robust Impact Level (IL) 5 and IL6 programs in an operational DoW environment that houses multiple U.S. Coalition Mission Partner Environments (MPE). This position is a demanding, high-energy role that requires strong cybersecurity judgement, attention to detail, and the ability to support authorization, compliance, and continuous monitoring activities across multiple enclaves in a dynamic Azure DoW environment.

The ideal candidate has hands-on ISSO experience supporting classified DoW programs, a working knowledge of RMF and NIST 800-53 controls, and familiarity with cyber tools such as ACAS and Trellix. They are organized, proactive, comfortable collecting and validating security artifacts, and able to communicate clearly with both technical and non-technical stakeholders. The ISSO reports to the Senior Technical Program Manager.

Job Responsibilities:

* Support:
* ISSO activities for a DoD Azure environment, including RMF, ATO maintenance, continuous monitoring, and compliance documentation.
* Development and maintenance of ATO artifacts, including security plans, control evidence, vulnerability reports, diagrams, inventories, and risk documentation.
* Security control assessments, audit readiness, continuous monitoring reviews, and authorization package updates for classified systems.
* Develop, update, and track POA&Ms for vulnerabilities, STIG findings, control gaps, audit findings, and other security risks.
* Maintain eMASS records, including control implementation details, artifacts, POA&Ms, assessment results, risk documentation, and continuous monitoring evidence.
* Review and validate STIG artifacts submitted by engineers, including checklists, scan results, remediation evidence, mitigations, and closure documentation.
* Work with engineers, system administrators, cloud teams, and government stakeholders to validate findings, track remediation, and keep security documentation current.
* Administer and maintain ACAS, including Nessus scanners, plugin updates, troubleshooting credentialed scan issues, scan scheduling, and vulnerability reporting.
* Review ACAS scan results and prepare vulnerability reports, metrics, POA&M updates, and remediation tracking artifacts.
* Administer and support Trellix / ESS, including ePO policies, endpoint protection settings, agent health, alert monitoring, and reporting.
* Investigate Trellix endpoint alerts, suspicious activity, malware events, and agent issues; assist with tuning policies, exclusions, and alerting logic to reduce false positives while maintaining required security coverage.
* Assist with monitoring, configuring, and documenting alerts, incidents, dashboards, and security events in Microsoft Sentinel.
* Participate in cybersecurity status meetings, vulnerability reviews, POA&M reviews, and ATO-related coordination with government and contractor teams.
* Other duties, as assigned. Required Skills
* U.S. Citizen.
* Active Secret clearance - TS/SCI preferred (Or ability to obtain)
* Active a DoD 8140 IAT Level II Security+ (or higher) active.
* Ability to work five days a week onsite at Fort Meade, MD.
* Experience supporting:
* DoD RMF, ATO maintenance, continuous monitoring, and security authorization documentation.
* vulnerability management activities using ACAS/Nessus.
* Hands-on experience with eMASS or similar RMF/GRC software, including control documentation, artifact management, POA&M tracking, and authorization package maintenance.
* Experience with:
* Creating, updating, and managing POA&Ms for vulnerabilities, STIG findings, audit findings, and NIST
800-53 controls.
* Reviewing and validating DISA STIG artifacts and coordinating remediation activities with technical teams.
* Trellix endpoint/security tools.
* Familiarity with NIST SP 800-53 controls, DoD RMF processes, and cyber security assessment documentation.
* Practical understanding of secured IT infrastructure, particularly Windows, RHEL, and Azure environments, with the ability to evaluate how network, identity, server, endpoint, authentication, logging, and core service components affect security, compliance, and authorization posture.
* Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
* Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management). Salary Range: $,000 Desired Skills
* Experience supporting:
* Microsoft Azure or other cloud environments in a DoD or federal environment.
* Security Control Assessments.
* Experience with Microsoft Sentinel, Microsoft Defender for…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary