Information System Security Officer (ISSO)

ACTIVE TS/SCI SECURITY CLEARANCE REQUIRED

We are seeking a TS/SCI-cleared Information System Security Officer (ISSO) to join our team and help strengthen the cybersecurity posture of critical federal systems.

What You’ll Do

As an ISSO at D2, you’ll play a key role in protecting high-value government systems. You will:

Lead Security Documentation & Compliance

• Develop and coordinate all key authorization artifacts, including System Categorization, System Security Plans, and System Risk Assessments.

• Support control assessments, reporting, and ongoing monitoring using the CSAM (Cyber Security and Assessment Management) system.

• Keep components aligned with Core Controls and A-123 assessment timelines.

• Ensure all Risk-Based Decisions have current waivers and proper documentation.

Strengthen System Security Posture

• Support security control testing, document results, assist in remediation, and ensure effective POA&M management.

• Develop or update Business Continuity Plans and Contingency Plans.

• Guide components on decisions affecting the security of their systems and networks.

• Prepare teams for tri-annual Security Assessment and Authorization (SA&A) activities.

Perform Assessments & Provide Expert Analysis

• Conduct assessments of information system security requirements and recommend remediation priorities.

• Review system architecture, infrastructure, and SA&A documentation.

• Assess NIST 800-53 Rev. 4 controls and document outcomes.

• Evaluate and enhance standard SA&A documentation processes.

Drive Risk Management & Continuous Improvement

• Perform and document risk assessments, evaluate vulnerabilities, and recommend risk-based mitigations.

• Develop and manage POA&Ms aligned with federal standards and industry best practices.

• Create System Security Plans, User Guides, and ST&E review documentation for new and legacy systems.

• Conduct NIST-based self-assessments and develop improvement plans.

• Develop Initial Privacy Assessments (IPA) and Privacy Impact Assessments (PIA).

• Conduct ST&Es and Independent Verification & Validation (IV&V) for federal IT systems.

• Conduct OMB A-123 security assessments for federal systems.

What You Bring

• Bachelor’s degree in Computer Science or a related technical field– or equivalent combination of education, certifications, and experience

• 8+ years of experience performing system security assessments, producing security documentation, or executing security upgrades across networks, servers, desktops, and databases

• 8+ years of experience developing and enhancing IT security policies aligned to federal and international standards

• 8+ years of IT security expertise, including experience developing C&A/SA&A packages and achieving ATO for classified systems

• Strong working knowledge of NIST SP standards, including NIST SP 800-37, and experience using CSAM

• TS/SCI clearance required, with eligibility for CI Poly

• At least one of the following certifications:

  • CISA

  • CRISC

  • CISM

  • CGEIT

  • CISSP

  • CAP

Location

Onsite at Customer LocationU.S. Citizenship Required

Additional Information

• All your information will be kept confidential according to appropriate guidelines.
• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $145k-159k. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Accrued PTO, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and more!

D2 Consulting is committed to a merit-based recruitment process and encourages applications from all qualified individuals.  As a Veteran-Owned Small Business, we particularly welcome applications from veterans who have the requisite skills and experience.  Job applicants that are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process, should contact us to request an accommodation.