Information System Security Officer
Automate your job search with Sonara.
Submit 10x as many applications with less effort than one manual application.1
Reclaim your time by letting our AI handle the grunt work of job searching.
We continuously scan millions of openings to find your top matches.

Overview
Remote
On-site
Compensation
$140,000-$180,000/year
Job Description
Information System Security Officer (ISSO)Clearance: Active TS/SCI required Environment: Classified DoD / Special Access Program (SAP) and SCI About the Role We are seeking an experienced Information System Security Officer (ISSO) to support the cybersecurity, compliance, and risk management of DoD information systems operating in classified and controlled environments. Working alongside the ISSM, system administrators, engineers, program managers, and government stakeholders, the ISSO helps ensure systems remain compliant with the Joint SAP Implementation Guide (JSIG), the DoD Risk Management Framework (RMF), and applicable Intelligence Community and DoD directives. This is a hands-on role spanning the full RMF lifecycle — from implementing and assessing security controls to maintaining Authorization to Operate (ATO) and executing continuous monitoring. It's well suited to a detail-oriented security professional who wants ownership of authorization packages and direct engagement with government customers in a mission-focused setting.What You'll DoRMF & Cybersecurity Compliance
- Implement and maintain cybersecurity requirements in accordance with JSIG, RMF, and applicable DoD policy.
- Develop, maintain, and update core RMF documentation: System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), Security Assessment Reports (SARs), and Continuous Monitoring Plans.
- Ensure security controls are implemented and sustained against approved security baselines.
- Support security authorization efforts across the full RMF lifecycle.
- Execute continuous monitoring activities to sustain system authorization.
- Review and analyze vulnerability scan results from tools such as ACAS, track remediation, and validate closure.
- Conduct risk assessments and help develop mitigation strategies.
- Evaluate proposed system changes for security impact and support configuration management.
- Coordinate and support security audits, inspections, and assessments.
- Investigate, document, and respond to cybersecurity incidents.
- Ensure audit logs are reviewed and retained per security requirements.
- Verify system hardening and secure configurations, partnering with security engineers as needed.
- Enforce least-privilege and separation-of-duties principles, and provide security guidance to users and administrators.
- Maintain accurate cybersecurity records and artifacts required for compliance reviews.
- Prepare reports and briefings for program leadership, the ISSM, and government representatives.
- Maintain the evidence base required for internal and external assessments and authorization activities.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field (or equivalent experience).
- 5+ years of cybersecurity, information assurance, or information systems security experience.
- Direct experience supporting DoD RMF processes and cybersecurity compliance.
- Working knowledge of JSIG requirements and artifacts, NIST SP 800-53 controls, STIG implementation, and vulnerability management.
- Active TS/SCI clearance.
- Current DoD 8570/8140-compliant certification (e.g., CISSP, CISM, CASP+, or CISA).
- Experience supporting SAP, SCI, or other classified environments.
- Hands-on experience across Windows, Linux, and virtualized environments.
- Familiarity with Cross Domain Solutions (CDS) and cloud security in DoD environments.
- Proficiency with security tooling such as ACAS, Splunk, Tenable, or Trellix ePO.
- Experience building and supporting security assessment and authorization packages.
- Strong analytical, problem-solving, and documentation skills, with the ability to work independently and collaboratively in a mission-driven team.
Automate your job search with Sonara.
Submit 10x as many applications with less effort than one manual application.

FAQs About Information System Security Officer Jobs at Oxenham Group LLC
What is the work location for this position at Oxenham Group LLC?
This job at Oxenham Group LLC is located in Lorton, VA, according to the details provided by the employer. Some roles may also include multiple work locations depending on the requirement.
What pay range can candidates expect for this role at Oxenham Group LLC?
Candidates can expect a pay range of $140,000 and $180,000 per year.
What employment applies to this position at Oxenham Group LLC?
The employer has not provided this information. This may be discussed during the hiring process.
What is the process to apply for this position at Oxenham Group LLC?
You can apply for this role at Oxenham Group LLC either through Sonara's automated application system, which helps you submit applications 10X faster with minimal effort, or by applying manually using the direct link on the job page.