Senior Information System Security Officer (ISSO)

DecisionPoint seeks a Senior Information System Security Officer (ISSO) to support cybersecurity governance, RMF documentation, and compliance activities for enterprise systems supporting a federal and DoD-aligned mission environment. This senior-level role ensures all cybersecurity documentation, controls validation, compliance artifacts, and audit deliverables meet federal, DoD, and program-specific requirements. 

The Senior ISSO is a key member of the Governance, Risk, and Compliance (GRC) team and collaborates closely with security engineers, cloud teams, ISSMs, PMO staff, and mission stakeholders to sustain Authorization to Operate (ATO), maintain continuous monitoring, and ensure readiness for audits and assessments. 

This position is fully remote. 

Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid. 

The Senior Information System Security Officer (ISSO) will: 

• Manage RMF documentation including SSPs, POA&Ms, RARs, SARs, and control implementation records. 

• Review and validate security controls across systems, cloud platforms, integrations, and mission applications. 

• Develop and maintain compliance artifacts, evidence packages, remediation documentation, and audit responses. 

• Perform continuous monitoring activities including log review, vulnerability tracking, and configuration oversight. 

• Coordinate with security engineers and cloud teams to validate technical remediation actions and cybersecurity enhancements. 

• Support ATO sustainment activities including internal assessments, external audits, and assessment preparation. 

• Maintain detailed security documentation and ensure accuracy, traceability, and compliance alignment. 

• Analyze security findings, risk reports, and vulnerability data to support corrective action plans. 

• Provide detailed reporting on cybersecurity posture, compliance readiness, and outstanding risks. 

• Collaborate with system owners, cloud engineers, and PMO staff to ensure security controls are implemented correctly. 

• Support incident response activities by gathering evidence, documenting impacts, and tracking corrective actions. 

• Conduct cybersecurity briefings, training sessions, and compliance updates for mission stakeholders. 

• Assist in developing cybersecurity policies, procedures, and governance frameworks to improve security posture. 

Clearance Requirement 

Must hold an active Top Secret clearance, supported by a Tier 5 background investigation. 

Education (Required) 

Bachelor’s degree in Cybersecurity, Information Technology, Information Assurance, or a related field. 

Experience (Required) 

• Minimum 10 years of experience in cybersecurity, information assurance, or compliance roles. 

• Experience managing RMF documentation, ATO packages, and compliance evidence for federal or DoD systems. 

• Experience assessing and validating cybersecurity controls, technical implementations, and remediation actions. 

• Experience preparing and supporting audits, inspections, and compliance reviews. 

• Experience collaborating with engineering and operations teams to close POA&M items or security findings. 

Technical Knowledge (Required) 

• Strong understanding of RMF, NIST SP 800-53, DoD cybersecurity requirements, and ATO processes. 

• Knowledge of STIGs, vulnerability management, patching, and configuration baselines. 

• Familiarity with continuous monitoring activities including scanning, log review, and incident tracking. 

• Proficiency in documenting, assessing, and validating security controls and compliance artifacts. 

Technical Knowledge (Preferred) 

• Knowledge of cloud authorization requirements and cloud-specific RMF packages. 

• Experience using eMASS or similar compliance management tools. 

• Familiarity with Zero Trust principles and modern cybersecurity architectures. 

Certifications 

Required: 

• Security+ 

Preferred: 

• CAP 

• CASP+ 

• CISSP 

• Other governance, risk, and compliance–focused certifications 

Skills 

• Excellent written and verbal communication skills for producing high-quality security documentation. 

• Strong analytical skills for assessing control implementations and evaluating cybersecurity risks. 

• High attention to detail and precision in compliance artifacts, audit packages, and RMF deliverables. 

• Ability to coordinate cross-functional cybersecurity activities and track remediation progress. 

• Strong organizational skills with the ability to manage multiple RMF and compliance initiatives simultaneously. 

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.