
Lead Information System Security Officer; ISSO

Job in McLean, Fairfax County, Virginia, USA
Listing for: General Dynamics Corporation
Full Time, Part Time, Seasonal/Temporary position
Listed on 2025-12-20
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly
Job Description & How to Apply Below
Position: Lead Information System Security Officer (ISSO)

Location: USA VA McLean

Full Part/Time: Full time

Job Req: RQ211280

Type of Requisition: Regular

Clearance Level Must Currently Possess: Top Secret SCI + Polygraph

Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph

Public Trust/Other Required: None

Job Family: Cyber and IT Risk Management

Job Qualifications:

Skills: Assessment & Authorization (A&A), Continuous Monitoring, Security Audit, Security Compliance Assessment

Certifications: None

Experience: 10+ years of related experience

US Citizenship Required: Yes

Responsibilities for this Position

Job Description:

GDIT is seeking a highly skilled and multi‑faceted Lead Information System Security Officer (ISSO) for a critical contract role supporting this commercial Cloud Service Provider's mission‑critical systems in our McLean, VA office.

The ideal candidate is a proactive and seasoned professional with extensive, hands‑on experience navigating the FedRAMP, DOD Impact Level 6 (IL6), and Risk Management Framework (RMF) requirements for classified commercial cloud services and cross‑domain solutions. This role requires a unique blend of technical engineering prowess, security assessment and auditing skills, deep expertise in continuous monitoring, and the polish to communicate risk to executive leadership.

You will be a key contributor to our Governance, Risk, and Compliance (GRC) program, supporting the Information System Security Manager (ISSM) in ensuring the unyielding security and integrity of mission‑critical systems.

1. RMF & Assessment and Authorization (A&A)
  • Lead A&A Execution:
    Shepherd complex cloud service offerings, and Cross Domain Solutions (CDS) as needed, through the entire respective FedRAMP/DOD IL6 and RMF lifecycle to obtain and maintain the applicable authorizations. This includes classified accreditations adhering to regulations like Raise the Bar (RTB) for CDS systems.
  • Documentation Mastery:
    Develop, author, and maintain a comprehensive body of evidence for A&A packages. This includes the FedRAMP/DOD IL6 authorization package and appendices, the DOD CDS authorization package requirements, and the IC joint test team authorization package requirements.
  • Continuous Monitoring & POAM Management:
    Take full ownership of the monthly and overall FedRAMP/DOD IL6, DOD CDS, and IC Continuous Monitoring requirements.
  • Compliance & Policy Adherence:
    Act as the primary technical interpreter of security requirements/controls, ensuring all network solutions and system architectures strictly adhere to mandates such as ICD 503, NIST SP 800‑53, CNSSI 1253, and all applicable DISA STIGs and SRGs.
2. Security Engineering & System Hardening
  • Technical Security Integration:
    Review system designs, network architectures, and proposed changes to ensure security principles are integrated from the ground up.
  • System Hardening & Configuration:
    Work with security engineering to implement and validate security controls and to ensure STIGs are applied to operating systems, network devices, and applications.
  • Vulnerability Management:
    Work with security engineering to proactively identify and assess vulnerabilities using tools like Tenable Nessus. Work with system administrators to prioritize and track remediation efforts, ensuring compliance with established timelines.
  • Network Security & Architecture Review:
    Conduct in‑depth firewall rule reviews, analyze network architecture for security flaws, and manage Ports, Protocols, and Services Management (PPSM) submissions in alignment with Continuous Monitoring activities.
3. Security Control Assessor (SCA) & Auditing
  • Security Audits & Inspections:
    Conduct comprehensive security control audits, traditional security reviews, and formal inspections, including preparing for and executing FedRAMP/IL6 third‑party assessment organization (3PAO) assessments, DOD CDS assessments, and IC assessments. (Potential to support DCSA classified space assessments.)
  • Artifact & Evidence Review:
    Meticulously review artifacts, logs, and system configurations to ensure they provide sufficient evidence of compliance. Audit the work of ISSEs and system…