Renata
Back to jobs
ECS

Information System Security Officer (ISSO)

ECS
6910 Cooper Ave-PGPosted 3 days ago
onsite
Apply NowAsk Renata

Job Description

Everforth ECS is seeking an Information System Security Officer (ISSO) to work onsite at our Ft. Meade, MD office.

  

Everforth ECS is seeking an experienced Information System Security Officer (ISSO) to support robust Impact Level (IL) 5 and IL6 programs in an operational DoW environment that houses multiple U.S. Coalition Mission Partner Environments (MPE).

 

This position is a demanding, high-energy role that requires strong cybersecurity judgement, attention to detail, and the ability to support authorization, compliance, and continuous monitoring activities across multiple enclaves in a dynamic Azure DoW environment. The ideal candidate has hands-on ISSO experience supporting classified DoW programs, a working knowledge of RMF and NIST 800-53 controls, and familiarity with cyber tools such as ACAS and Trellix. They are organized, proactive, comfortable collecting and validating security artifacts, and able to communicate clearly with both technical and non-technical stakeholders. The ISSO reports to the Senior Technical Program Manager.

 

Job Responsibilities:

  • Support:
    • ISSO activities for a DoD Azure environment, including RMF, ATO maintenance, continuous monitoring, and compliance documentation.
    • Development and maintenance of ATO artifacts, including security plans, control evidence, vulnerability reports, diagrams, inventories, and risk documentation.
    • Security control assessments, audit readiness, continuous monitoring reviews, and authorization package updates for classified systems.
  • Develop, update, and track POA&Ms for vulnerabilities, STIG findings, control gaps, audit findings, and other security risks.
  • Maintain eMASS records, including control implementation details, artifacts, POA&Ms, assessment results, risk documentation, and continuous monitoring evidence.
  • Review and validate STIG artifacts submitted by engineers, including checklists, scan results, remediation evidence, mitigations, and closure documentation.
  • Work with engineers, system administrators, cloud teams, and government stakeholders to validate findings, track remediation, and keep security documentation current.
  • Administer and maintain ACAS, including Nessus scanners, plugin updates, troubleshooting credentialed scan issues, scan scheduling, and vulnerability reporting.
  • Review ACAS scan results and prepare vulnerability reports, metrics, POA&M updates, and remediation tracking artifacts.
  • Administer and support Trellix / ESS, including ePO policies, endpoint protection settings, agent health, alert monitoring, and reporting.
  • Investigate Trellix endpoint alerts, suspicious activity, malware events, and agent issues; assist with tuning policies, exclusions, and alerting logic to reduce false positives while maintaining required security coverage.
  • Assist with monitoring, configuring, and documenting alerts, incidents, dashboards, and security events in Microsoft Sentinel.
  • Participate in cybersecurity status meetings, vulnerability reviews, POA&M reviews, and ATO-related coordination with government and contractor teams.
  • Other duties, as assigned.

See Your Match Score

Sign up and Renata will show you how this job matches your skills and experience.

Get Started Free
About ECS
Website
Information System Security Officer (ISSO) at ECS | Renata