Information Security Systems Officer ISSO Support Specialist VACA

Overview

Must have an active Secret Clearance to be considered

Must be within 1 hour of Alexandria, VA or Seaside, CA

Nex Gen Technologies, Inc. is a leading IT services firm specializing in delivering innovative, high-quality solutions to our federal government clients. Our core competencies include IT professional support services, software development, cloud services, IT Operations, Agile project management, and GIS services.

Nex Gen is seeking a detail-oriented Information Security Systems Officer (ISSO) Support Specialist to provide comprehensive RMF and cybersecurity compliance support to the Defense Manpower Data Center (DMDC). The role supports enterprise-wide authorization activities by maintaining eMASS packages, monitoring RMF status, coordinating with Program and Product Owners, and ensuring alignment with DoD cybersecurity requirements. The specialist works closely with CSD stakeholders, system owners, and federal partners to maintain accurate RMF documentation, support governance processes, and ensure timely execution of cybersecurity tasks across all accreditation boundaries.

There are no supervisory responsibilities.

• Monitor RMF authorization status in eMASS and track required actions to obtain and sustain system/application authorization.
• Advise stakeholders on DoD cybersecurity and ATO requirements; identify missing or incomplete information in eMASS.
• Create and maintain eMASS entries, ensuring artifacts are properly associated with applicable CCI security controls.
• Develop STIG/control crosswalks to map controls to system functionality and determine control impact.
• Update eMASS controls and POA&Ms using supporting documentation; ensure POA&M entries remain current and submit closure/extension workflows.
• Explain non-compliant controls and recommend remediation strategies; coordinate updates and communication within CSD.
• Serve as liaison between Program/Product Owners and CSD stakeholders to coordinate eMASS activities and information flow.
• Provide subject matter expertise on RMF policy, eMASS usage, and DoD cybersecurity requirements.
• Identify efficiencies and apply approved templates or repeatable methods for shared requirements across applications.
• Support Program/Product Owners during assessments, validations, and audits, including eMASS access and clarifications.
• Organize and manage RMF meetings, including scheduling, agendas, meeting notes, and artifact storage.
• Conduct quality assurance reviews of RMF submissions (e.g., ACAS scans, network diagrams, PPSM documentation, HW/SW lists, STIGs, POA&Ms).
• Participate in Cyber Compliance Meetings as required.
• Provide expertise on cATO, PPSM documentation, network traffic diagrams, and RMF control remediation.
• Conduct risk analysis of ATO packages and provide prioritized remediation recommendations; contribute to ISSO Reports with recommended ATO conditions.
• Conduct quarterly sampling of documentation against applicable security controls and evaluate risk to the DODIN; coordinate reviews with Program/Product Owners and the ISSM.
• Develop Security Assessment Plans (SAPs) and Security Assessment Reports (SARs) in collaboration with Program/Product Owners and the ISSM.
• Other duties may be assigned.

• 6+ years of experience supporting RMF programs within DoD or federal environments.
• Hands-on experience with eMASS (package maintenance, workflows, artifact association).
• Familiarity with POA&M management, ATO Terms and Conditions, and RMF governance processes.
• Understanding of DoD cybersecurity requirements, NIST SP 800-53 controls, STIGs, and DHA/DHRA RMF processes.
• Ability to interpret compliance documentation, assess system boundary requirements, and evaluate risk.
• Experience with Microsoft Project, SharePoint, MS Teams, and Service Now.

• Experience supporting DMDC, DHRA, DHA, or similar DoD components.
• Familiarity with DHA ATC workflows and cloud-hosted system RMF requirements.
• Experience developing process documentation, governance artifacts, or compliance KPIs.
• Knowledge of central logging requirements and boundary-level cybersecurity controls.

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.

• Strong analytical, organizational, and documentation skills.
• Ability to work collaboratively with interdisciplinary teams and federal stakeholders.
• Must be able to pass background screening prior to employment.
• US Citizenship, legal permanent residence, or US work authorization with a minimum of 3 years of US presence is required due to federal contract requirements.
• Ability to work on-site at Seaside or Mark Center for SIPR-related activities.
• Active Secret clearance required; ability to obtain TS/SCI preferred.

• Minimum 25% on-site at the Mark Center (Alexandria, VA) or DoD Center – Monterey Bay (Seaside, CA).
• Work hours:
  
  8 a.m. Eastern to 5 p.m. Pacific, Monday–Friday, excluding federal holidays or government…