Information Systems Security Officer; ISSO

Overview

Information Systems Security Officer (ISSO) to lead the security authorization and continuous monitoring efforts for our cloud platforms. This leadership role is pivotal in ensuring Armis meets the stringent security standards required for the defense and intelligence community.

You will join the Armis Governance, Compliance and Risk team and work closely with all engineering and product teams, serving as the primary liaison to the Office of the Chief Information Security Officer (OCISO) and external authorizing bodies.

• Lead and support the security authorization process for cloud solutions seeking and maintaining FedRAMP and DoD Impact Level (IL) Authorized Unclassified ( IL-4, IL-5) and Classified (IL-6) cloud solutions.
• Serve as the primary ISSO for all designated systems under your purview, managing their security lifecycle from initial design through authorization and sustainment.
• Author and maintain all required security documentation, including System Security Plans (SSPs), ensuring controls are accurately documented and aligned with implementation.
• Manage all aspects of FedRAMP and DoD IL Continuous Monitoring (Con Mon), including gathering, reviewing, and submitting monthly, quarterly, and annual security artifacts to the appropriate authorizing bodies.
• Support sustained customer communications and actively participate in Continuous Monitoring Review Meetings with government partners.
• Drive the process for all FedRAMP and DoD IL Significant Change Requests and minor change requests, ensuring security impact analyses and authorization updates are completed accurately and on schedule.
• Collaborate with engineering teams to ensure control implementations are technically sound, auditable, and maintain compliance across rapidly evolving cloud and containerized environments.
• Support the GRC team and provide guidance related to commercial compliance efforts.

• Top Secret Security Clearance & US Citizenship
• 5+ years of direct experience supporting DoD and/or FedRAMP systems in an Information Security Officer, compliance, or security engineering capacity.
• Must currently reside in the greater Washington D.C. area or be willing to travel to the area on a regular basis to meet with government and authorization partners.
• Must be eligible for a Top Secret security clearance (current active clearance preferred) and must maintain DoD 8570 IAM Level III baseline certifications (e.g.,
  CISSP
  , CISM
  , GSLC
  ). IAM Level 3
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field; equivalent professional experience will be considered in lieu of a degree.
• Detailed understanding of NIST 800-53 Revision 5 security controls, security requirement traceability matrices (SRTM), and continuous monitoring practices.
• Detailed understanding of the DISA and FedRAMP significant change request process and authorization life cycles.
• Proven experience with AWS services management, security baseline enforcement, and compliance within cloud environments.
• Working experience with security incident response, event logging, alerting and the related tooling.
• Experience running Kubernetes in highly regulated environments.

• Experience managing security compliance efforts in DoD classified cloud environments.
• Demonstrated experience with AI implementations and automations specifically targeting federal compliance and evidence generation efforts.
• Administrator-level knowledge of AWS and Administrator-level knowledge of Linux operating systems.
• Experience taking a cloud information system through the entire FedRAMP and/or DoD IL authorization process and successfully obtaining an Authorization to Operate (ATO).
• Experience managing security packages and workflows within government GRC tools such as eMASS.
• Familiarity with FISMA and CMMC authorization processes.
• Ability to review Python and understand code as it relates to security controls and automation efforts, and demonstrated ability to write Python scripts to support compliance automation.
• Experience working with a global team where the majority of team members are remote.
• Experience working with task planning tools like JIRA and Asana.
• Experience managing content throughout its lifecycle in the Microsoft Office 365 ecosystem.
• Project management experience where the key stakeholders are at the executive level.

We are looking for experience with: DOD, CMMC, BCAP, VMSS &VDMS

Pay ranges $180,000 to $200,000

Bonus and Pre- IPO Equity

The salary range listed does not include other forms of compensation or benefits (e.g. i.e. bonuses, commissions, stocks, health insurance benefits, etc.) offered to candidates. Visit our careers site for more information on benefits at Armis.