Ensure security posture, compliance, and continuous monitoring of Government Secure Data Network systems per federal mandates and Treasury policies.
Bachelor's degree and 5–8 years cybersecurity experience with federal or national security systems, knowledge of RMF/A&A, vulnerability tools, and relevant federal security standards.
Founded in 1989, CALNET Inc. has become one of the fastest growing privately held companies in the Technology, Intelligence Analysis, and Language Services consulting arena. Headquartered in Reston, VA, CALNET employees deliver true value to our customers by employing best practices, world-class technologies, and industry expertise in every project. CALNET is ISO 9001, ISO 20000, and CMMI-Level III certified.

As a Prime Government Contractor for a major government institution, we are currently searching for a talented Information Systems Security Officer (ISSO) with Secret Clearance to work in Washington DC.

Position Overview

The Information Systems Security Officer (ISSO) is responsible for ensuring the security posture, compliance, and continuous monitoring of Government Secure Data Network systems in accordance with FISMA, NIST SP 800-53, CNSSI 1253, DoD directives, and Treasury security policies. The ISSO provides technical security oversight, supports Security Assessment & Authorization (SA&A) activities, manages Plans of Action & Milestones (POA&M), conducts vulnerability analysis, and ensures systems maintain Authorization to Operate (ATO) status. The ISSO works closely with the Federal Information System Security Manager (ISSM), Program Manager, Data Center Operations, and Service Desk teams.

Key Responsibilities

1. Security Assessment & Authorization (SA&A) / RMF Support
- Develop, maintain, and update:
  - System Security Plans (SSPs)
  - Risk Assessment Reports
  - Security Assessment Reports (SARs)
  - Contingency Plans
  - Authorization to Operate (ATO) documentation
- Define system boundaries, inventories, interconnections, and responsible officials.
- Support Risk Management Framework (RMF) lifecycle activities.
- Conduct control selection, implementation validation, and security testing.
- Ensure compliance with NIST SP 800-53, CNSSI 1253, DoD, and Treasury directives.

2. Continuous Monitoring & Vulnerability Management
- Monitor and analyze vulnerability scans (ACAS, SCAP).
- Review and validate STIG compliance.
- Conduct log analysis using tools such as Splunk.
- Track remediation timelines and validate closure evidence.
- Ensure 90% of POA&M items are completed or re-baselined prior to due date.
- Provide weekly vulnerability/risk reporting.

3. POA&M Lifecycle Management
- Develop and manage POA&M documentation.
- Coordinate with system owners to ensure timely remediation.
- Provide 30/60/90-day remediation tracking.
- Report POA&M status to leadership and COR.
- Maintain compliance metrics and documentation in Treasury authoritative systems.

4. Incident Response & Cyber Exercises
- Support Cyber Security CIRC and Incident Response processes.
- Conduct and participate in:
  - Monthly Incident Response exercises
  - Monthly Contingency Response exercises
  - Annual DR/COOP exercises
- Report security incidents within required timelines (≤ 2 hours for reporting metrics).
- Prepare annual Security Incident Response reports.

5. Security Operations & Hardening
- Ensure all IT assets are configured per Government baseline configurations.
- Validate security settings before implementation.
- Document configuration deviations and manage waiver process.
- Support HBSS compliance (HIPS, Policy Auditor, ABM, RSD, DCM).
- Ensure patch compliance meets 100% ± 2% security patching requirements.

6. Forensics & Investigative Support
- Assist in:
  - FOIA-related searches
  - Litigation support
  - File recovery and disk recovery
  - Encryption/decryption activities
- Conduct forensic analysis using industry-standard tools.

7. Security Documentation & Reporting
- Develop and update:
  - Security Operational Documentation
  - Privacy Impact Assessments
  - Incident Response Plans
  - Business Impact Analysis (BIA)
  - Configuration Management Plans
- Submit:
  - Weekly Vulnerability/Risk Reports
  - Monthly Log Review Reports
  - Quarterly Privileged User Account Reports
  - Annual DR/COOP Exercise Reports
  - IT Security Training Reports

8. Training & Awareness
- Ensure 100% of active users maintain current IT Security Training.
- Track and report security awareness compliance.
- Support onboarding security documentation validation.

Required Qualifications
- Bachelor's degree in Cybersecurity, Information Assurance, Computer Science, or related field (or equivalent experience).
- Minimum 5–8 years of cybersecurity experience.
- Experience supporting federal or national security information systems.
- Experience with RMF / A&A processes.
- Experience with vulnerability scanning tools (ACAS, SCAP).
- Experience with log monitoring and analysis (Splunk).
- Strong understanding of:
  - NIST SP 800-53
  - FISMA
  - DoD RMF
  - STIG implementation
  - CNSSI 1253

Required Certifications (DoD 8140 Compliant)

One or more of the following (IAM Level II/III equivalent preferred):
- CISSP
- CISM
- GSLC
- CASP+
- Security+

This opportunity is in Washington DC.

CALNET, Inc. offers a competitive salary and a generous benefits package. This package includes medical, dental, vision, life, and short- and long-term disability insurance, a 401(k) retirement savings plan, and generous leave time.

CALNET, Inc. is an Equal Opportunity Employer. EEO/M/F/D/V
This job posting was last updated on 2/27/2026