Cleared Information System Security Officer; ISSO — L3
Job in
Lorton, Fairfax County, Virginia, 22199, USA
Listed on 2026-06-26
Listing for:
Virtual Service Operations
Full Time
position Listed on 2026-06-26
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Systems Administrator
Job Description & How to Apply Below
Opportunity
Virtual Service Operations is searching for an Information System Security Officer (ISSO) Level 3 to join our dynamic team in Lorton, Virginia. The ISSO supports cybersecurity, compliance, and risk management activities for DoD information systems operating within classified and/or controlled environments. The ISSO works closely with the Information System Security Manager, system administrators, engineers, program managers, and government stakeholders to maintain compliance with applicable cybersecurity policies, including the Joint Special Access Program Implementation Guide (JSIG), DoD Risk Management Framework (RMF), and applicable Intelligence Community (IC) and DoD directives.
The ISSO assists in the implementation, assessment, monitoring, and maintenance of security controls to support Authorization to Operate (ATO) activities and continuous monitoring requirements.
- ISSM Support & Core Security Authorities
- Assist the ISSM in meeting their duties and responsibilities, and assume ISSM responsibilities in their absence.
- Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures outlined in the security authorization package.
- Verify that all users possess the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities prior to being granted access to the system.
- Report all security-related incidents to the ISSM.
- Conduct periodic reviews of information systems to verify continued compliance with the security authorization package.
- Serve as a member of the Configuration Control Board (CCB) when designated by the ISSM.
- Coordinate any changes or modifications to system hardware, software, or firmware with the ISSM and Authorizing Official/Designated Authorizing Official (AO/DAO) prior to implementation.
- Formally notify the ISSM and AO/DAO when changes occur that might affect the system’s security authorization.
- Monitor system recovery processes to confirm security features and procedures are properly restored and functioning correctly.
- Maintain an equivalent IAM Level 2 certification based on the DoD 8140 standard.
- Participate in joint agile backlog planning, providing feedback to the software development and infrastructure teams on high- and medium-risk items that require Information System Owner approval.
- Cybersecurity Compliance & RMF Support
- Support the implementation and maintenance of cybersecurity requirements in accordance with JSIG, RMF, and applicable DoD policies.
- Assist in developing, maintaining, and updating RMF documentation including:
- System Security Plans (SSPs)
- Security Control Traceability Matrices (SCTMs)
- Plans of Action and Milestones (POA&Ms)
- Security Assessment Reports (SARs)
- Continuous Monitoring Plans
- Ensure security controls are implemented and maintained in accordance with approved security baselines.
- Support security authorization efforts throughout the RMF lifecycle.
- Continuous Monitoring & Vulnerability Management
- Conduct continuous monitoring activities to maintain system authorization.
- Review and analyze vulnerability scan results from tools such as ACAS.
- Track remediation efforts and validate closure of identified vulnerabilities.
- Assist with risk assessments and development of mitigation strategies.
- Monitor system changes for security impact and support configuration management activities.
- Security Operations
- Coordinate and support security audits, inspections, and assessments.
- Maintain security-related records, reports, and artifacts required for compliance reviews.
- Investigate and document cybersecurity incidents and assist with incident response activities.
- Ensure audit records are collected, reviewed, retained, and documented in accordance with security requirements, including any identified anomalies.
- Verify proper implementation of system hardening standards and security configurations.
- Work with information system security engineers to ensure secure system configurations.
- Review proposed system changes and evaluate security implications.
- Validate compliance with approved configuration baselines.
- Support enforcement of least privilege and separation of duties principles.
- Provide security guidance to system users and administrators.
- Documentation & Reporting
- Maintain accurate cybersecurity documentation and records, ensuring all IS security-related documentation is current and accessible to properly authorized individuals.
- Prepare reports and briefings for program leadership, ISSM, and government representatives.
- Support internal and external cybersecurity assessments.
- Maintain evidence required for audits and authorization activities.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or related field (or equivalent experience).
- 5+ years of cybersecurity, information assurance, or information systems security experience.
- Experience supporting DoD RMF processes and cybersecurity compliance efforts.
- Working…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×