Information Systems Security Officer

ob Posting TitleInformation System Security OfficerJob Description Job Description Information Systems Security Officer (ISSO) Location: Onsite – Grand Forks, ND Clearance Required: Active Top Secret (TS) Employment Type: Full-Time Company: Women-Owned Small Business (WOSB), headquartered in Leesburg, VA Position Overview We are seeking an experienced Information Systems Security Officer (ISSO) to support and protect mission-critical Department of Defense (DoD) information systems. This role is 100% onsite in Grand Forks, North Dakota and supports both on-premises and cloud-based DoD systems, including systems undergoing initial Authorization to Operate (ATO) and systems in continuous monitoring. The ideal candidate will have strong experience in Risk Management Framework (RMF), security operations (SOC), SIEM tools, and cyber defense operations, and will work closely with the ISSM, System Owner, Cybersecurity Team, and DoD Authorizing Officials. Key Responsibilities Cyber Defense & SIEM Operations Integrate, configure, and maintain cyber defense tools, with a strong emphasis on SIEM platforms such as Splunk and SolarWinds. Conduct SIEM alert triage, correlation, threat hunting, and analysis activities. Configure, collect, and analyze audit logs from networking devices, hardware platforms, operating systems, and virtual/cloud environments. Perform forensic analysis and evidence preservation in support of cybersecurity incidents and investigations. Support continuous monitoring through log analysis, alert review, and security event reporting. SOC Procedures & Operational Documentation Develop, maintain, and update operating procedures, including: SOC monitoring and alerting procedures Incident triage, response, handling, and reporting SIEM deployment, testing, tuning, and optimization procedures Log source onboarding, validation, and maintenance procedures Train cybersecurity and SOC team members on operational SOC and SIEM processes and best practices. RMF & Compliance Create, update, and maintain system security documentation, including: System Security Plan (SSP) Security Control Traceability Matrix (SCTM) RMF Body of Evidence Prepare systems for security assessments in accordance with RMF and NIST Special Publications (SP 800-37, 800-53, and related guidance). Identify security control deficiencies, develop remediation strategies, and manage Plans of Action and Milestones (POA&M) through mitigation or risk acceptance. Conduct periodic and continuous monitoring to ensure ongoing compliance with authorization requirements. Collaboration & System Support Work closely with the ISSM, Information System Owner (ISO), Cybersecurity Engineers, and DoD Authorizing Officials. Assist the ISSM with daily security operations, including analysis of security anomalies, adversary activity, and recommended corrective actions. Participate in change management, including reviewing change requests and assessing the security impact of proposed system changes. Support audit collection, vulnerability management, endpoint protection, and other continuous monitoring capabilities. Contribute to system engineering and release activities to ensure secure integration into production IT environments. Cloud & AWS (Highly Desired) Experience supporting cloud-based systems, particularly AWS environments. Hands-on experience with AWS CloudTrail, log aggregation, monitoring, and analysis. Understanding of cloud security controls and their mapping to RMF and NIST requirements. Basic Qualifications U.S. Citizenship required. Active Top Secret (TS) security clearance required. DoD 8570.01-M / DoD 8140.01 certification: IAT Level II or IAM Level II or IASAE Level II Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Systems, Engineering, or a related field and 4+ years of relevant experience; or Master’s degree with 2+ years of relevant experience. Strong experience with: RMF, ICD 503 NIST SP 800-53, JSIG or DJSIG DoD authorization and compliance processes Solid understanding of DoD physical and environmental protection, personnel security, incident handling, and security awareness training. Preferred Qualifications Professional certifications such as CISSP, CISM, or similar. 5–10 years of experience in information technology or cybersecurity roles. Experience securing modern environments including: Windows and Linux systems Cloud platforms Virtualized infrastructures Databases (SQL, Oracle) Network and Cisco-based technologies Experience implementing and operating cybersecurity tools for: Vulnerability scanning and remediation Patch management Audit collection and review Endpoint detection and protection Benefits 401(k) Health Insurance Dental Insurance Vision Insurance Paid Time Off (PTO) Tuition Reimbursement Work Schedule Monday–Friday 8-hour shift Onsite requirement: Grank Forks, ND 58204 Must be able to reliably commute or relocate prior to start date Job Type: Full-time Pay: $44,175.84 - $120,000.00 per year Benefits: 401(k) 401(k) matching Dental insurance Flexible spending account Health insurance Life insurance Referral program Tuition reimbursement Vision insurance Work Location: In person