Information Systems Security Officer (ISSO)
Company: Apavo Corporation
Location: Arlington
Posted on: February 21, 2026
|
|
|
Job Description:
Job Description Job Description Description: Job Title:
Information System Security Officer (ISSO) Location: On-Site in
Arlington, VA Department: Cyber Security Services Reports To:
Management FLSA Status: Full Time/Non-exempt Description Apavo is
at the forefront of cybersecurity, providing services to military,
defense, and critical infrastructure industries. Joining the Apavo
team means becoming part of a company rooted in the principles of
quality, and communication. We value positive, candid interactions
and the belief that everyone has valuable contributions to make.
Apavo stands out for its commitment to a work-life balance and
fostering a growth mindset among all team members. If you are
looking to make a meaningful impact in the cybersecurity world
while growing professionally in a supportive environment, Apavo is
the place for you. Job Purpose The Information System Security
Officer is responsible for supporting the Information System
Security Manager. The ISSO will support a critical mission within
the DOD and intelligence community. This includes advising on
technical matters to maintain the overall security posture of the
systems. This includes input to the ISSM on the cybersecurity
programs include architecture, requirements, objectives, policies,
personnel, and processes and procedures. Additionally, the ISSO
will have oversight to ensure the continuous monitoring of systems
within their purview to ensure compliance with cybersecurity
policies. Duties & Responsibilities ISSO responsibilities include,
but are not limited to: Supporting the development and maintenance
of the organizational or system-level cybersecurity program that
includes cybersecurity architecture, requirements, objectives and
policies, cybersecurity personnel, and cybersecurity processes and
procedures. Ensuring stakeholders are properly identified and
information system status and RMF activity requirements in order to
establish accountability, access approvals, and special handling
requirements. Maintaining the status of artifacts and repositories
for system-level cybersecurity-related documentation. Ensure proper
appointments IAW RMF 800-37 guidance ensure the established
cybersecurity policies and procedures are being followed in
accordance with formally established roles. Monitor compliance with
cybersecurity policy, as appropriate, and review the results of
such monitoring. Ensure that cybersecurity inspections, tests, and
reviews are synchronized and coordinated. Ensure implementation of
security measures and procedures, including reporting incidents to
the AO and appropriate reporting chains and coordinating
system-level responses to unauthorized disclosures for classified
information or for CUI, respectively. Ensure that the handling of
possible or actual data spills of classified information resident
in systems, are conducted. Ensure that cybersecurity-related events
or configuration changes that may impact DoD systems authorization
or security posture are formally reported to the AO and other
affected parties, such as IOs and stewards and AOs of
interconnected DoD systems. Ensure the secure configuration and
approval of IT below the system level (i.e., products and IT
services) in accordance with applicable guidance prior to
acceptance into or connection to a DoD system. Ensures all users
have the requisite security clearances and access authorization and
are aware of their cybersecurity responsibilities for DoD systems
under their purview before being granted access to those systems.
In coordination with the ISSM, initiates protective or corrective
measures to address a discovered cybersecurity incident or
vulnerability and ensures a process exists for authorized users to
report all cybersecurity-related events, potential threats and
vulnerabilities to the ISSO. Update all DoD systems
cybersecurity-related documentation and ensure these documents are
available to properly authorized individuals. The ISSO is expected
to have additional duties as assigned in support of corporate cyber
security services. Additional details are reviewed in accordance
with company policies. Other This is typical office or
administrative work, and there is no exposure to adverse
environmental conditions. This position requires sedentary work.
Sedentary work is defined as: Exerting up to 10 pounds of force
occasionally and/or a negligible amount of force frequently or
constantly to lift, carry, push, pull or otherwise move objects,
including the human body. Sedentary work involves sitting most of
the time. Jobs are sedentary if walking and standing are required
only occasionally and all other sedentary criteria are met. Apavo
Corporation provides equal employment opportunities to all
applicants and employees and strictly prohibits any type of
harassment or discrimination in regards to race, religion, age,
color, sex, disability status, national origin, genetics, sexual
orientation, protected veteran status, gender expression, gender
identity, or any other characteristic protected under federal,
state, and/or local laws. Consistent with the Americans with
Disabilities Act (ADA), it is the policy of Apavo Corporation to
provide reasonable accommodation when requested by a qualified
applicant or employee with a disability, unless such accommodation
would cause an undue hardship. The policy regarding requests for
reasonable accommodation applies to all aspects of employment,
including the application process. If reasonable accommodation is
needed, please contact Apavo Human Resources at hr@apavo.com or
571-407-0069 Employment with Apavo Corporation is on an at-will
basis, meaning either you or the Company can terminate the
employment relationship, at any time, for any or no reason, and
with or without cause or notice. As an at-will employee, your
employment with Apavo Corporation is not guaranteed for any length
of time. Requirements: Qualifications Bachelors Degree in Computer
Science or a related technical discipline Masters Degree preferred.
Minimum 8-10 years of experience. Must currently possess an active
TS/SCI with the ability to obtain and maintain a CI polygraph.
Systems Security Engineering background preferred. Effective
communication skills to collaborate with cross-functional teams and
stakeholders on implementing security measures organization-wide.
Strong analytical skills for identifying system vulnerabilities and
documenting control implementation narratives. Knowledge of system
artifact requirements in support of a System Security Plan.
Familiarity with AWS and Cloud Service Provider requirements for
development of System Impact Analysis and Documented Risk
Acceptance. Jira and Agile SAFe experience or ability to learn is
required. Detail-oriented with the ability to manage multiple tasks
and prioritize effectively. IAM III preferred Comprehensive
knowledge of RMF activities with ability to articulate to Executive
audiences preferred Familiarity with Federal, NIST, DOD and IC
security policies. Familiarity with federal regulatory
requirements, contractual obligations, and industry standards
related to information security. Evaluate adherence to standards
such as Privacy, GDPR, and HIPAA
Keywords: Apavo Corporation, Towson , Information Systems Security Officer (ISSO), IT / Software / Systems , Arlington, Maryland
