×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant Systems Administrator

Information Systems Security Officer; ISSO

Job in Alexandria, Fairfax County, Virginia, 22350, USA
Listing for: Institute for Defense Analyses
Full Time position
Listed on 2026-03-02
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Systems Administrator
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Information Systems Security Officer (ISSO)

Overview

IDA is has an excellent opportunity for an Information Systems Security Officer (ISSO). The ISSO works closely with the Information System Security Manager (ISSM) to support the daily operations of the information security program.

In this role, you will ensure appropriate operational security posture is maintained for local area networks (LAN), wide area networks (WAN) and multi-user stand-alone systems. The ISSO monitors these systems and their operational environment and must have the technical knowledge and expertise required to manage the security aspects of these systems.

The ISSO must understand requirements for physical and environmental protection of the computer systems, personnel security rules that pertain to systems, incident handling (such as classified spills or malware), and security training and awareness. The ISSO plays an active role in monitoring a system and its environment of operation to include developing and updating the system security plan (SSP), managing and controlling changes to the system, and assessing the security impact of those changes.

Responsibilities

Serves as the Information Systems Security Officer (ISSO) under the Information Systems Security Manager (ISSM) for IDA classified and unclassified systems.

  • Manages and coordinates information security monitoring, inspections and incident response.
  • Manages a formal information security / information systems security program with assistance from the ISSM.
  • Reviews and maintains information systems security plans (SSPs) and Assessment and Authorization (A&A) in accordance with DoW mandated policies.
  • Performs audit reviews of systems comprised of multiple operating system using security information and event management (SIEM) products to track multiple events including any signs of inappropriate or unusual activity, intrusion events, data transfers, etc. Reports any findings to the ISSM.
  • Performs recurring self-assessments on all systems under their purview to ensure compliance with documented security requirements and to detect any system level vulnerabilities. Prepares a detailed report of the findings and ensures proper protection and / or corrective measures are taken immediately, or develops a Plan of Action and Milestones (POA&M) to document planned actions.
  • Supports the ISSM during on-site assessments of US Government Security Control Assessors (SCAs) to demonstrate compliance with technical configuration requirements and implementation and enforcement of written security policy.
  • Continuously updates all required system documentation, including the SSP, POA&M, Risk Assessment Report, and system component inventories.
  • Develops procedures for responding to security incidents and investigating and reporting security violations and incidents as appropriate.

Develops, implements and enforces information security policies and procedures.

  • Assists ISSM to perform the steps involved in the execution of the Risk Management Framework (RMF), including generation of documentation, controls compliance testing, and continuous monitoring activities for systems.
  • Develops and periodically reviews training materials and standard operating procedures covering all technical and administrative aspects of system operations.
  • Works with IT to perform an initial system assessment to ensure that required security controls are implemented and operating correctly before a system is authorized for production.
  • Works with IT to develop automated processes to assist in maintaining system compliance and documentation updates.
  • Collaborates with IT to oversee an effective change management policy and procedures for authorizing use of hardware / software on an information system. Evaluates proposed changes against Government security requirements and recommends approval or denial based on a security impact analysis.
  • Reviews and ensures implementation of bulletins and advisories that impact the security posture of information systems covered by SSPs.
  • Reviews systems for compliance to Government requirements, and provide recommendations for improvements.

Develops an information systems security, education, training, and awareness program.

  • Clearly…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search