×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Mid-Level Information System Security Officer; ISSO

Job in Seaside, Monterey County, California, 93955, USA
Listing for: ECS
Full Time position
Listed on 2025-10-30
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 135000 - 150000 USD Yearly USD 135000.00 150000.00 YEAR
Job Description & How to Apply Below
Position: Mid-Level Information System Security Officer (ISSO)

Mid-Level Information System Security Officer (ISSO)

Apply for the Mid-Level Information System Security Officer (ISSO) role s position is remote but preferably in close proximity to the National Capital Region (NCR). The selected candidate will serve as an advisor to one or more Information System Owners, Business Process Owners, and ISM on all matters involving information system security.

Location:

Seaside, CA and Alexandria, VA (remote). Clearance:
Secret required;
Top Secret may be required. Salary Range: $135,000 – $150,000.

Responsibilities
  • Serve as a mid-level ISSO for one or more Boundary/System Owner and ISSM on all matters (technical or otherwise) involving the security.
  • Promote the DHRA/DMDC Risk Management Framework maturity.
  • ATO Program Owner Support
    • Act as a facilitator between Program and Product Owners and other Cybersecurity stakeholders for coordination of communication and activities within eMASS.
    • Advise program stakeholders on ATO requirements and identify any missing information in eMASS.
    • Explain non-compliant controls and propose solutions to stakeholders.
    • Provide support for program teams on eMASS toolset usage, RMF policies, and additional cybersecurity topics, e.g., cATO, system network traffic diagrams, documenting PPSM, RMF control remediation.
    • Support Program/Product Owner for their given assessments, validations, and audits with respect to eMASS access and clarifications.
  • EMASS
    • Monitor RMF authorization status through eMASS and maintain and communicate a schedule of actions and timelines needed to obtain and sustain system/application authorization.
    • Create and maintain entries within eMASS instances for applications with required artifacts associated to the relevant Common Control Identifier (CCI) security controls. Artifacts will be provided by DHRA program, product, or project managers.
  • STIGS
    • Develop STIG/Control crosswalk documentation to article functionalities to determine how those controls impact the app/system; upon mitigation then take the necessary supporting documentation and screenshots from program, product or project managers and update the associated controls and POAMs in eMASS.
    • Utilize the assigned tool, such as eMASSTER to generate STIG results, and assigned actions for remediation. Other STIG tools may be applicable.
  • POA&Ms
    • Ensure POAM entries are kept current in eMASS and report on POAM statuses. Submit POAM workflow requests in eMASS for item closure or extension.
    • Coordinate with stakeholders to develop POA&M milestones, identify and allocate resources and determine the remediation schedule.
  • Align roadmaps, update eMASS timelines and POAMs, and coordinate communication with Cybersecurity Division.
  • Identify efficiencies and employ available and approved procedures or templates for repeatable methods for any shared requirements across applications.
  • Participate in Cyber Compliance Meetings as needed.
  • Create presentations and metrics as requested; create weekly, monthly, and in-progress review presentations as needed.
Required Skills
  • Must be a US citizen, possess a Secret Clearance, and be willing to acquire and maintain a DoD Top Secret clearance if requested.
  • Bachelor’s degree in computer science, cybersecurity, information security, or similar discipline and 5 - 8 years of cybersecurity experience in support of the DoD or other federal clients (education/experience substitution allowed).
  • Active DoD 8570 certification minimum compliance, including at least one of the following certifications in good standing: CASP+ CE, CISSP, Security+.
  • Firm understanding of the NIST Special Publications, DoD Risk Management Framework (RMF) processes and NIST 800-53 security controls.
  • Display technical experience with conducting research and providing review recommendations of software and technologies.
  • Experience developing and managing POAMS in eMASS.
  • Experience with reviewing vulnerability scans and providing mitigation techniques.
  • Broad technical knowledge is required to review DISA Security Technical Implementation Guides (STIGs).
  • Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search