Information Systems Security Officer (ISSO)

    • Laurel, MD

Searching for a challenging position in Information Systems Security and Compliance?

If so, we're looking for someone like you to join our team at APL!

We are seeking an Information Systems Security Officer (ISSO) to ensure classified Information Systems (IS) meet Cybersecurity requirements and Government directives.

As a team member, the incumbent will contribute to IS Security Management of classified Information Systems in support of Program Sponsor requirements. Be part of an ambitious team of technical specialists who are motivated by one common goal. Serve as an active contributor providing information assurance for a team of systems and network engineers for complex networks consisting of Windows, Linux, and Virtualized environments.

The Information Systems Security Officer will...

  • Develop, review, and manage RMF accredited packages for the assigned IT boundaries. Develop Standard Operating Procedures, Incident Response Plans, Contingency Plans, and Plan of Actions and Milestones (POAM). Author all related technical diagrams and related artifacts.
  • Utilize the Enterprise Mission Assurance Support Services (eMASS) accreditation workflow platform.
  • Conduct network vulnerability and discovery scans utilizing automated tools. Initiate corrective steps when an incident or vulnerability is discovered.
  • Validate compliance by use of the DISA Security Technical Implementation Guide (STIG) and Security Content Automation Protocol (SCAP).
  • Provide instruction in the implementation of security controls, regulations, and policy. Ensure that IS approved software, hardware, and peripherals align with security configurations.
  • Complete weekly system security audits, data loss prevention, hardware and software configuration management, account management, and associated reporting.
  • Interact with a variety of security-related software tools: SCAP, STIG Viewer, ACAS/Nessus, Splunk, Ivanti, Symantec Endpoint Protection, and similar automated tools.
  • Maintain a working knowledge of Government and Laboratory security policies and procedures and the requirements of the Federal Information Security Management Act (FISMA), National Industrial Security Program Operating Manual (NISPOM), National Institute of Standards and Technology (NIST 800-53), DSS Assessment and Authorization Process Manual (DAAPM), DoD Information Assurance Certification and Accreditation Process (DIACAP), and Risk Management Framework (RMF).
  • Respond to multiple, challenging, fast-paced tasks and prioritize to meet changing requirements.

You meet our minimum qualifications for the job if you...
  • Possess a BS degree in Computer Science, Information Technology, Cyber Security, Systems Engineering, Mathematics, or a comparable field with equivalent years of experience.
  • Have 7 years' experience as an ISSM or ISSO.
  • Have 2 years' experience working with the Risk Management Framework (RMF), NISPOM, and DAAPM.
  • Have 1 year of Systems Administration experience – either Windows, Linux, or both.
  • Have experience with Virtual Computing Environments, to include VMware.
  • Possess a current DoD 8570 certification (Security or CISSP), or the ability to obtain one within 6 months of employment.
  • Experience with Plan of Actions and Milestones (POAM) generation and maintenance.
  • Experience with DISA STIGs, STIG Viewer, SCAP, and similar tools.
  • Strong written and verbal communication skills.
  • Ability to multi-task and respond to changing priorities to meet mission critical deadlines.
  • Ability to work independently and in a collaborative environment.
  • Ability to work in a fast-paced environment.
  • Hold an active Secret level security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.
  • Please note: Given the classified nature of the work, telework is not supported by this role. The position requires the candidate to be on-site at our Laurel, MD location 5 days per week.

You'll go above and beyond our minimum requirements if you...
  • Possess a MS degree in Computer Science, Information Technology, Cyber Security, Systems Engineering, Mathematics or a comparable field of study.
  • Four or more years as an ISSO, Information Assurance, or Cyber security professional.
  • Three or more years of experience in Systems Administration – either Windows, Linux, or both.
  • DoD 8570 IAT Level III (CASP, CISA, CISSP, GCIH, GCED).
  • Have an active Secret level clearance or above.

Special Working Conditions:


Must be able to perform moderate lifting to move computer and network equipment.

Working in a closed area environment.

May require some work outside normal working hours.

Why work at APL?

The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation's most critical defense, security, space and science challenges. With a wide selection of challenging, impactful work and a robust education assistance program, APL promotes a culture of life-long learning. Our employees enjoy generous benefits and healthy work/life balance. APL's campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at www.jhuapl.edu/careers.

APL is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability status, veteran status, or any other characteristic protected by applicable law.

APL brings research applications to life in the space science, asymmetric operations, force projection, and air and missile defense categories, pioneering solutions to push scientific boundaries.
