ISSO - DOD

TL;DR

ISSO - DOD (Cybersecurity/RMF): Supporting NORAD ITW/AA and NISSC II by performing security analysis and supporting Assessment & Authorization (A&A) under NIST RMF with an accent on compliance evidence, control assessments, and security posture integrity. Focus on conducting NIST 800-53 control assessments, security impact analysis, and maintaining hardware/software inventory assessments while coordinating with government customers and suppliers.

Location: Chidlaw Building, Colorado Springs, CO, USA

Salary: $110,000–$120,000 annually

Company

hirify.global provides science, engineering, data analytics, and technology services to government agencies.

What you will do

• Perform security analysis of operational and development environments, including threats, vulnerabilities, and internal interfaces to assess compliance with accepted industry and government standards.
• Support Assessment & Authorization (A&A) processes under NIST Risk Management Framework (RMF) for new and existing information systems.
• Enter and manage information in eMASS or Xacta and coordinate auditing systems to ensure security posture integrity.
• Support assessments and document the state of compliance with security requirements using RMF artifacts and evidence.
• Conduct periodic hardware/software inventory assessments.
• Collaborate with government customers, suppliers, and company personnel to implement protective mechanisms and ensure compliance with cybersecurity requirements.

Requirements

• Active DoD Secret Clearance
• 2–5 years practical DoD/USAF information security policy background with hands-on experience applying RMF processes and principles within eMASS and/or Xacta.
• 2–5 years experience developing and/or contributing to RMF body of evidence composition, applicable artifacts, and associated control families.
• 2–5 years experience performing NIST 800-53 Control Assessments.
• 2–5 years experience conducting Security Impact Analysis.
• Must meet DoDM 8140.03 requirements for Information System Security Manager (722).

Nice to have

• Experience with cybersecurity policies and RMF implementation (e.g., DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series).
• Experience using security-relevant tools such as ACAS, ESS, and SCAP.

Culture & Benefits

• Comprehensive nationwide Medical/Dental/Vision insurance programs.
• Life insurance.
• Matching 401k contribution.
• Educational/Training support.
• Competitive compensation based on experience, education, and directly related certifications.

Hiring process

• Review of clearance and RMF/NIST 800-53 experience requirements.
• Assessment of RMF evidence/artifact experience and tool familiarity (eMASS/Xacta).
• Interviews to confirm fit for government customer collaboration and compliance-focused work.