We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Astrion jobs

Information Systems Security Officer (ISSO)

Astrion
Mar 21, 2026
Overview

Information Systems Security Officer (ISSO)

LOCATION:Eglin AFB, FL

JOB STATUS:Full-time

CLEARANCE: Active Secret

CERTIFICATION: CompTIA Security+ or better

TRAVEL:<10%

Astrion has an exciting opportunity for an SE-3 Information Systems Security Officer located at the 46TS/TGBB, Eglin AFB, FL.

This position provides support to the 46 Test Squadron - Sensors and Defensive Systems Flight at Eglin AFB. Working with the Information Systems Security Manager (ISSM), you will support Assessment and Authorization (A&A) activities for systems used by test engineers and data analysts. Key responsibilities include developing and maintaining security documentation (e.g., System Security Plans, Security Control Assessments, POA&Ms) to obtain and maintain system authorizations, defining information security requirements for new and existing systems, and assisting in the implementation and enforcement of security policies and standards.

REQUIRED QUALIFICATIONS / SKILLS

  • Bachelor's Degree in a technical field and 3 - 10 years of relevant experience. Additional relevant experience may substituted for education.
  • An active Secret security clearance eligibility, and the ability to obtain and maintain a Top-Secret SCI security clearance and SAP program access and will be required to handle and safeguard sensitive and/or classified information in accordance with regulations to reduce potential compromise.
  • U.S. Citizenship is required for all applicants.
  • Past DoD cybersecurity experience is required.
  • Background in Special Access Programs (SAP) Cybersecurity with demonstrated expertise with on-prem and cloud-based networks.
  • Understanding of the Risk Management Framework (RMF) lifecycle for DoW systems in a SAP environment, specifically experience in NIST 800-53 security controls and the Joint Special Access Program Implementation Guide (JSIG).
  • Knowledge of and experience designing, developing, and managing IT and cyber systems with the ability to evaluate emerging technologies and integrate them into existing architectures.
  • Knowledge of and experience planning, organizing, and directing IT activities which comply with legal, regulatory, and AF/DoW-directed requirements and meet mission and customer needs.
  • Ability to plan, organize, and lead others in studies or projects and to implement recommendations which may require substantial resources and/or require extensive procedural changes.
  • Strong project management skills with meticulous record keeping.
  • Ability to communicate effectively both orally and in writing.
  • Ability to negotiate complex issues and maintain good working relationships.
  • Experience with Security Technical Implementation Guide (STIG) assessments and Assured Compliance Assessment Solution (ACAS) scans.
  • Experience with performing Security Impact Assessments (SIA) and vulnerability analysis on system changes as a part of Configuration Management (CM)..
  • Experience in managing and responding to security incidents, supporting audits and investigations.
  • Experience with system and network designs that incorporate diverse computer and network devices with varying data protection/classification requirements.
  • Strong analytical skills in performing vulnerability/risk assessment analysis to support authorization and accreditation processes.
  • Experience with preparation and reviewing comprehensive security documentation, including System Security Plans (SSPs), Risk Assessment Reports, Plan of Action and Milestones (POA&M), network hardware and software baselines, and Authorization To Operate (ATO) packages.

PREFERRED QUALIFICATIONS / SKILLS

  • Prior use of Security Compliance Checker.
  • Experience in performing security audits on systems and enclaves.
  • Experience assessing Windows and Linux operating systems, virtual systems, network devices, databases, and web applications.
  • Experience in performing Air Force software and application certification assessments.
  • Highly recommend intermediate CompTIA certs like Cybersecurity Analyst (CySA+) / SecurityX (CASP+); GIAC certs like GIAC Certified SOC Analyst (GCSA) / GIAC Certified Incident Handler (GCIH) / GIAC Certified Intrusion Analyst (GCIA); ISC2 certs like Systems Security Certified Practitioner (SSCP) / Certified Cloud Security Professional (CCSP).

RESPONSIBILITIES

  • Risk Management Framework (RMF) and System Authorization: Lead and implement the full lifecycle of the Assessment and Authorization (A&A) process for classified information systems, ensuring compliance with government frameworks and other relevant directives.
  • Security Control Implementation and Assessment: Implement, assess, and monitor security controls to safeguard classified networks and information.
  • Vulnerability Management and Mitigation: Perform regular vulnerability and risk assessments to identify and prioritize threats and create POA&Ms to address them.
  • Performs Security Technical Implementation Guide (STIG) assessments and Assured Compliance Assessment Solution (ACAS) scans as required.
  • Applies Secure Technical Implementation Guide (STIG) best practices to a wide range of information systems, networking equipment, and software.
  • Incident Response and Reporting: Act as a key player in incident response activities, including investigation and reporting.
  • Configuration Management and System Integrity: Provide configuration management for all security-related software, hardware, and firmware. Ensures system changes are conducted in accordance with security policy and procedures.
  • Security Documentation and Compliance: Prepare, review, and maintain all security documentation, ensuring they are current and accessible. In coordination with the ISSM, develop system-level security procedures that are consistent with cybersecurity policies. Prepares and reviews comprehensive security documentation, including System Security Plans (SSPs), Risk Assessment Reports, Plan of Action and Milestones (POA&M), network hardware and software baselines, and Authorization To Operate (ATO) packages.
  • Security Awareness and Training: Develop and provide security-related training to all personnel with access to classified systems, ensuring they are aware of their responsibilities and the latest security procedures. You will promote a culture of security awareness to minimize violations.
  • Liaison and Communication: Serve as a primary point of contact and interface with government customers, suppliers, and internal company personnel to implement protective mechanisms and ensure compliance with all cybersecurity requirements.
  • Performs other cyber security tasks as assigned.
  • Oversee system and network designs that incorporate diverse computer and network devices with varying data protection/classification requirements.
  • Interfaces with government customers and approving authorities across the DoD in an information security role.
Applied = 0
MORE JOBS LIKE THIS

(web-bd9584865-7clgh)