Information Systems Security Officer (Isso)

SHINE Systems is hiring an Information Systems Security Officer ISSO to support our customer in the Aerospace and Defense industry,

As an Information Systems Security Officer

• Serve as the primary security engineering representative on engineering teams for secure networking, computing, and enclave environments
• Verify the security posture of assigned systems to ensure compliance with STE/STN requirements
• Maintain Information Assurance Vulnerability Alert (IAVA) patching for assigned systems
• Ensure compliance with System Security Plans (SSPs) and support ongoing system accreditation requirements
• Contribute to the design, development, implementation, evaluation, and integration of Information Assurance (IA) architectures, systems, and components
• Support the Government in enforcing secure design and implementation of trusted relationships among external systems and architectures
• Apply IA policies, procedures, and workforce structures to design, develop, and implement secure environments
• Perform security planning, assessments, risk analysis, and risk management activities
• Identify and document overall security requirements for proper handling of Government data
• Collaborate and interact effectively with customers and project team members

Experience and Qualifications:

To be eligible for this demanding position, the ideal candidate should demonstrate the following experience and qualifications:

Required Education and Years of Experience:

13 years of experience in Software or Systems Engineering roles or a highly related field of work with similar scope and responsibilities.

A Bachelor’s degree may be substituted for 4 years of experience and a Master’s Degree may be substituted for 6 years of experience.

Required Qualifications:

• Active TS/SCI with active CI Polygraph clearance.
• Security+ or other IAT II/III level certification that is currently active.
• Proficiency with XACTA and DIA’s RMF process, including managing IATT and ATO processes.
• Proficiency with Splunk.
• Experience conducting assessments of existing IT architecture for compliance with security requirements from applicable security frameworks (such as ICD 503 and NIST SP 800-53).
• Experience supporting Risk Management Framework (RMF) lifecycle activities including system categorization, control implementation, assessment, authorization, and continuous monitoring.
• Experience implementing and maintaining system security documentation, including SSPs, SAPs, POA&Ms, and security assessment artifacts, coordinating closely with ISSMs, ISSEs, system owners, and authorizing officials.
• Experience supporting vulnerability management and remediation activities using enterprise tools (e.g., ACAS/Nessus) and ensuring compliance with DISA STIGs and security configuration baselines.
• Experience supporting continuous monitoring activities, audit readiness efforts, and remediation tracking for authorized systems.
• Full-time work in a Sensitive Compartmented Information Facility (SCIF) is required, with flexible hours.

Desired Qualifications:

• Prior Information System Security Officer (ISSO) or Information System Security Engineer (ISSE) experience.
• Proven experience leading cybersecurity initiatives for significant programs, showcasing a comprehensive understanding of large-scale program requirements.
• Demonstrated success in team management, highlighting the ability to effectively guide and coordinate cybersecurity professionals.
• Strong background in communication, with a track record of effectively engaging with customer, program leads, leadership teams, and engineers to convey complex cybersecurity concepts and strategies.
• Experience coordinating with enterprise security stakeholders including Authorizing Officials (AOs), Information System Owners (ISOs), and security control assessors.
• Experience supporting incident response activities, security investigations, and reporting in coordination with cybersecurity operations teams.
• Experience working within Intelligence Community (IC) or DoD cybersecurity environments and familiarity with IC security policies and procedures.

Telework/Remote Availability: No telework approved at this time.

Work Location(s): Annapolis Junction, MD, Washington, DC; or Reston, VA

SHINE Systems is an Equal Employment/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.