Information System Security Officer

Summary

Join Hexagon US Federal as an Information System Security Officer and manage the cybersecurity risk management lifecycle for mission-critical systems within the DoD environment. You will ensure compliance with relevant directives and standards, monitor security methodologies, and create and maintain security policies and procedures. Responsibilities include identifying and managing vulnerabilities, acting as a liaison between teams, supporting engineering teams, collaborating with Authorizing Officials and other personnel, participating in assessments and briefings, and preparing security documentation. The role requires on-call support and involves working in a fast-paced, team-based environment. This position is ideal for individuals with a strong understanding of RMF and DoD cybersecurity policy, excellent communication skills, and the ability to maintain comprehensive security documentation. Applicants must be U.S. citizens and eligible for Secret Clearance.

Requirements

• Bachelor’s degree in cybersecurity, information assurance, computer science, or a related field, with 5–8 years of experience in cybersecurity, information system security, or ISSO-related roles
• Security+ certification is required; advanced certifications such as CISSP, CASP+, or CISM are strongly preferred
• Demonstrated experience working within the Risk Management Framework (RMF), including control implementation, assessment, and authorization processes
• Proficiency with key tools and platforms, including eMASS, STIGs/STIG Viewer, ACAS (Nessus/Tenable), and vulnerability scanning/assessment tools
• Hands-on experience leading or supporting NIST SP 800-53 Rev 5 control implementation and tailoring activities to align with system requirements
• Strong understanding of the Authorization to Operate (ATO) process, including the development and maintenance of Plan of Action and Milestones (POA&Ms) and other required RMF artifacts
• Ability to remain in a stationary position and operate a computer for extended periods
• Occasional ability to move or transport items up to 25 pounds
• Communicate effectively in English (verbal, written) and possess visual and auditory acuity for tasks and safety
• Manage multiple tasks, prioritize, and maintain focus in dynamic environments
• Demonstrate strong problem-solving, critical thinking, and analytical skills
• Maintain consistent attendance, punctuality, and high professional standards
• This position requires eligibility for Secret Clearance. Applicants must be U.S. citizens to be eligible for consideration
• 10%

Responsibilities

• Ensure that systems comply with DoD 8500-series directives, NIST SP 800-53 controls, and other applicable federal security requirements
• Monitor and enforce compliance with established security methodologies across all phases of system operations
• Create and maintain comprehensive policies and procedures that detail security controls and system boundaries
• Identify, document, and manage system vulnerabilities and mitigation strategies in POA&Ms
• Act as a liaison between cybersecurity and technical teams to interpret and implement security controls effectively
• Support engineering teams in ensuring that security requirements are appropriately addressed throughout the system lifecycle
• Collaborate with Authorizing Officials (AOs), Security Control Assessors (SCAs), and other key personnel throughout the Assessment and Authorization (A&A) process
• Participate in Security Control Assessments (SCAs), accreditation meetings, and compliance briefings
• Prepare and submit required security documentation and artifacts for internal and external audits
• Periodically, provide after-hours emergency support
• Perform other tasks as directed

Preferred Qualifications

• In-depth knowledge of eMASS package creation and lifecycle management, from system inception through decommissioning, is highly desirable
• Familiarity with FedRAMP controls and cloud security frameworks (AWS, Azure, or hybrid cloud environments) is a plus
• Understanding of mobile system accreditation processes, including policies and compliance requirements, is a plus
• Experience working with Computer-Aided Dispatch (CAD) systems or other mission critical operational technologies is a plus

Benefits

• Competitive health care plans with savings accounts
• Dental and vision plans
• 401k with 100% company match up to 6%, with immediate vesting on company match
• Life and disability insurance
• Learning Management System with robust offerings
• Tuition Reimbursement Program
• Flexible hybrid and remote working arrangements where possible
• 13 paid holidays per year
• Veterans’ focused Employee Resources Group with regular educational sessions and communications
• Leadership Development Program with multiple learning options