Information Systems Security Officer (ISSO)_Mid Level

				Overview:

Credence is one of the largest privately held technologies services company in the country, repeatedly recognized as a top place to work, and have been on the Inc. 5000 Fastest Growing Private Companies list for the last 12 years. We practice servant leadership and believe that by focusing on the success of our clients, team members, and partners, we all achieve greater success.

At Credence, we support our clients' mission-critical needs, powered by technology. We provide cutting-edge solutions, including AI/ML, enterprise modernization, and advanced intelligence capabilities, to the largest defense and health federal organizations. Through partnership and trust, we increase mission success for warfighters and secure our nation for a better future

We value innovation, integrity, and continuous learning-and we are committed to investing in the next generation of tech talent.

Position Summary

We are actively looking for a highly motivated Information Systems Security Officer (ISSO)_Mid Level. The ideal candidate will be interested in International Development. 

As a mid-level ISSO, you will play a key role in supporting Multilevel Security (MLS) implementation, cybersecurity risk management, compliance activities, and system accreditation support. You will serve as an advisor on MLS solutions, security documentation, policy interpretation, and continuous monitoring of system security postures. This position requires a proactive and organized professional who thrives in a fast-paced environment and works collaboratively with stakeholders across technical and security teams. 

You will be the primary point of contact for maintaining and monitoring system security documentation including Security System Plans (SSPs), Plans of Actions and Milestones (POA&Ms), security procedures, and network architecture diagrams. You will provide expertise to support IRM TRB processing, Security Impact Assessment (SIA) packages, and security policy enforcement under evolving federal cybersecurity directives including NIST SP 800-53 Rev 5 and M-22-09. 

This work is on-site in Rosslyn VA.

Responsibilities:

* Analyze and define security requirements for Multilevel Security (MLS) systems and environments 

* Design, engineer, and implement technical solutions to meet MLS and system security requirements 

* Conduct risk analyses and assessments, documenting findings and recommendations 

* Develop and update security documentation including standards, policies, SOPs, and architecture diagrams 

* Serve as the primary POC for: 

* Security Impact Assessment (SIA) packages for the Network Operations Center (NOC) 

* IRM ITCCB submissions and tracking 

* Monthly, quarterly, and annual ISSO checklist deliverables 

* Updates to System Security Plans (SSPs) and POA&M entries 

* Monitoring cybersecurity scorecard metrics 

* Participate in governance and compliance activities, including IRB, CCB, A&A, and M-21-31 policy meetings 

* Provide secondary support for: 

* Transition to NIST SP 800-53 Rev 5 controls 

* Implementation of M-22-09 Zero Trust cybersecurity principles 

* Transition from General Support System (GSS) to AWS-hosted infrastructure 

* Supply Chain Risk Management control family establishment 

* Compliance with FAN/FAH guidance and Binding Operational Directives 

* Support the preparation and maintenance of A&A packages and system compliance documentation 

* Respond to taskers and special projects as assigned 

Qualifications:

* Must be a US Citizen with the ability to obtain and maintain a Secret clearance. Active Secret Clearance preferred
* Bachelor's Degree from an accredited university or equivalent combination of education and experience
* 5 to 7 years Hands-on experience in system security, risk analysis, and compliance
* Experience implementing and maintaining security documentation in accordance with RMF and NIST guidance 
* Working knowledge of FedRAMP, FISMA, and DHS cybersecurity compliance frameworks 
* Familiarity with AWS security practices and cloud compliance strategies 
* Understanding of Zero Trust Architecture and its application in federal environments 
* Experience using governance tools (e.g., eMASS, Xacta, ServiceNow GRC) 
* Excellent organizational and tracking skills, especially for POA&M and control implementation statuses 
* Demonstrated ability to interpret federal policy and translate into actionable security tasks
			

Apply

Share this job:

Share this Job

View company profile

Credence