Information System Security Officer (ISSO) – TS/SCI Full Scope Poly
📍 Location: Annapolis Junction, MD
🏢 Work Arrangement: 100% Onsite
💼 Employment Type: Full-Time
🔒 Security Clearance Required: Active TS/SCI with Full Scope Polygraph (NSA Preferred)
🇺🇸 Citizenship: U.S. Citizen Required
🚫 Visa Sponsorship: Not Available
🚚 Relocation Assistance: Available
💰 Compensation: $100,000 – $200,000 Base Salary
Overview
A leading government technology contractor is seeking Information System Security Officers (ISSOs) to support mission-critical classified programs within highly secure government environments.
This role is responsible for maintaining cybersecurity compliance throughout the Risk Management Framework (RMF) lifecycle, supporting system accreditation, continuous monitoring, vulnerability management, and ongoing cybersecurity operations.
The ideal candidate will possess strong RMF expertise, experience supporting classified environments, and the ability to work closely with System Administrators, System Owners, Information System Security Managers (ISSMs), Security Control Assessors, and Government stakeholders.
Key Responsibilities
Risk Management Framework (RMF)
Support the full RMF lifecycle for classified systems.
Develop and maintain RMF documentation and accreditation packages.
Coordinate Authority to Operate (ATO) activities.
Support security authorization and reauthorization efforts.
Ensure systems maintain compliance with cybersecurity requirements.
Security Compliance & Assessments
Conduct security control reviews and assessments.
Validate implementation of required security controls.
Monitor compliance against NIST and government standards.
Support internal and external cybersecurity audits.
Continuous Monitoring (ConMon)
Support ongoing Continuous Monitoring activities.
Review system configurations and compliance posture.
Analyze vulnerability findings and remediation efforts.
Track compliance status and corrective actions.
Vulnerability & Risk Management
Monitor vulnerabilities and security findings.
Coordinate remediation efforts with technical teams.
Assess risk and recommend mitigation strategies.
Support vulnerability management programs.
Stakeholder Collaboration
Work closely with:
System Administrators
System Owners
ISSMs
Security Control Assessors
Government Security Teams
Provide security guidance and compliance recommendations.
Support cybersecurity reviews and inspections.
Required Qualifications
Security Requirements
✔ Active TS/SCI Clearance
✔ Active Full Scope Polygraph (NSA Preferred)
✔ U.S. Citizenship Required
Cybersecurity & RMF Experience
Experience supporting:
Information Assurance (IA)
Cybersecurity Compliance
ISSO Functions
Classified Information Systems
Strong understanding of:
Risk Management Framework (RMF)
Authority to Operate (ATO)
Security Control Assessments
Continuous Monitoring (ConMon)
Risk Assessment Methodologies
RMF & Compliance Tools
Experience with one or more of:
LATTEART
XACTA
BISCOTTI
WATCHCAT
STE
Experience with:
Compliance scanning tools
Configuration assessment tools
Vulnerability management platforms
NIST Framework Knowledge
Strong familiarity with:
NIST SP 800-53 Rev. 3 and/or Rev. 5
NIST SP 800-37
Security Controls
RMF Documentation Requirements
Required Documentation Experience
Candidates should have experience creating, reviewing, or maintaining:
Security Documentation
System Security Plans (SSP)
Plans of Action & Milestones (POA&M)
Security Plan Findings (SPF)
Exception Documentation
Risk & Compliance Documentation
Risk Assessment Reports (RAR)
Security Assessment Reports (SAR)
Business Impact Assessments (BIA)
Configuration Management Plans (CMP)
Contingency Plans (CP)
After Action Reports (AAR)
Preferred Qualifications
Government & Classified Environment Experience
Classified Government systems
Security audits and inspections
Compliance reviews
Vulnerability remediation programs
Stakeholder Coordination
Experience coordinating with:
Authorizing Officials (AO)
Security Control Assessors (SCA)
ISSMs
System Owners
Technical Knowledge
Operating System Security
System Administration Concepts
Vulnerability Management
Configuration Management
Preferred Certifications
Highly desired certifications include:
CompTIA Security+
CISSP
CAP
CASP+
CISM
Must-Have Requirements
Clearance
✅ Active TS/SCI Clearance
✅ Active Full Scope Polygraph
Cybersecurity
✅ RMF Experience
✅ ATO Experience
✅ Continuous Monitoring (ConMon)
✅ Security Control Assessments
Documentation
✅ SSP Development
✅ POA&M Management
✅ Security Compliance Documentation
Soft Skills
✅ Strong Written Communication
✅ Strong Organizational Skills
✅ Risk-Based Decision Making
✅ Collaboration & Stakeholder Management
Screening Questions
Do you currently hold an active TS/SCI clearance with a Full Scope Polygraph?
Was your Full Scope Polygraph issued by NSA?
When was your most recent Full Scope Polygraph completed?
How many years of ISSO, Information Assurance, or Cybersecurity compliance experience do you have?
Have you supported the full RMF lifecycle, including ATO activities?
Which RMF compliance tools have you used (XACTA, LATTEART, BISCOTTI, WATCHCAT, STE)?
Have you developed or maintained SSPs, POA&Ms, SARs, or RARs?
What experience do you have with NIST 800-53 and NIST 800-37?
Do you have experience supporting classified Government systems?
Do you hold any cybersecurity certifications such as Security+, CISSP, CAP, CASP+, or CISM?
Ideal Candidate Profile
The ideal candidate will:
Hold an active TS/SCI clearance with a Full Scope Polygraph.
Have strong ISSO or Information Assurance experience within classified environments.
Possess deep knowledge of RMF, ATO, and Continuous Monitoring processes.
Be highly detail-oriented and documentation-focused.
Have experience working with government cybersecurity compliance tools.
Understand vulnerability management and risk mitigation practices.
Effectively collaborate with technical and non-technical stakeholders.
Balance mission requirements with cybersecurity compliance obligations.
Candidate Snapshot
Requirement: Details
Clearance: Active TS/SCI + Full Scope Poly
Citizenship: U.S. Citizen
Experience Level: Mid-Level to Senior
Frameworks: RMF, NIST 800-53, NIST 800-37
Compliance: ATO, ConMon, Security Controls
Documentation: SSP, POA&M, SAR, RAR, CMP, CP
Tools: XACTA, LATTEART, BISCOTTI, WATCHCAT, STE
Certifications: Security+, CISSP, CAP, CASP+, CISM (Preferred)
Location: Annapolis Junction, MD
Work Arrangement: 100% Onsite
Travel: None
Compensation: $100K – $200K
Relocation: Available
Why This Opportunity?
Mission Impact
Support highly classified national security programs and critical government systems.
Cybersecurity Leadership
Play a key role in accreditation, compliance, risk management, and cybersecurity governance activities.
Career Growth
Work alongside highly skilled cybersecurity professionals supporting some of the nation's most sensitive environments.
Excellent Benefits
3 Weeks PTO
11 Federal Holidays
Medical & Dental Coverage
Life Insurance
STD & LTD Coverage
401(k) with Company Match
Long-Term Career Development
This opportunity is ideal for an ISSO, Information Assurance Analyst, Cybersecurity Compliance Analyst, RMF Analyst, Information Security Specialist, Security Control Assessor Support Specialist, or Cybersecurity Governance Professional with an active TS/SCI Full Scope Polygraph seeking to support mission-critical government programs.
