logo inner

Information System Security Officer (ISSO)

Spry Methods$Exp_1Hybrid

Who We’re Looking For (Position Overview):


This role is critical in ensuring the security posture of mission-critical applications and infrastructure across multiple network enclaves (Unclassified, Secret, Top Secret). The ISSO will be responsible for developing, maintaining, and enforcing security policies, implementing cybersecurity controls, managing Authority to Operate (ATO) documentation, and conducting continuous monitoring and risk assessments in compliance with FISMA, NIST, DOJ, and other federal mandates.

What Your Day-To-Day Looks Like (Position Responsibilities):


  • Serve as the principal cybersecurity advisor to system owners and stakeholders.
  • Design, analyze, and test of information security systems, products, cloud architectures and cloud solutions.
  • Provide recommendations and/or alternatives to mitigate impact of system security boundary changes as part of any potential re-architecting and/or re-design activities.
  • Develop, implement, and evaluate security controls, measures, and frameworks in cloud-based systems to ensure data integrity, confidentiality, and availability.
  • Perform risk analysis, vulnerability assessments, and security audits to identify and address potential weaknesses in cloud environments.
  • Follow all appropriate security authorization process for requesting and maintaining an Authority to Operate (ATO).
  • Responsible for ensuring operational security is maintained for assigned information systems.
  • Ensure systems are operated, maintained, disposed of in accordance with security policies and practices.
  • Perform Security Incident Reporting and Response.
  • Coordinate with the Office of the Chief Information Officer (OCIO), Security Division, and others to provide documentation to the system Certification and Accreditation process.
  • Ensure audits and reviews are responded to with accurate information.
  • Perform system access control responsibilities.
  • Participate in the change management process for assigned applications.
  • Work with Product Owner, Product Manager, OCIO, Security Division, and other stakeholders to ensure security concerns are addressed during all phases of system lifecycle.
  • Perform continuous system security monitoring.
  • Implement and manage cloud-native and third-party security tools for monitoring, threat detection and vulnerability management.
  • Act as a SME on Cloud Security while applying methods, standards, and approaches for ensuring the baseline security safeguards are appropriately implemented and documented.
  • Provides reports to superiors regarding effectiveness of data security and makes recommendations for the adoption of new procedures.
  • Draft and keep updated information security documentation to include System Security Plan, Information System Contingency Plan, Plan of Actions and Milestones (POA&M), Privacy Threat Assessment, Privacy Impact Assessment, and Configuration Management Plan.
  • Responsible for ensuring the implementation and maintenance of annual security controls assessments.
  • Assist with FISMA System audits as necessary. Leverage necessary vulnerability assessment and scanning tools including Nessus and ACSA to identify vulnerabilities, Splunk tools to monitor, detect and rectify misconfigurations.
  • Working directly with development, platform, and infrastructure teams on security problems.

What You Need to Succeed (Minimum Requirements):


  • TS Clearance with SCI eligibility.
  • 8 years of experience requied.
  • Extensive experience with federal cybersecurity frameworks, including RMF, NIST 800-53, CNSS, and FISMA.
  • Experience supporting cloud security in environments such as AWS GovCloud, C2S, SC2S, and Microsoft Azure.
  • Analyze logs using Splunk and AWS tools.
  • Hands-on experience with vulnerability assessment and configuration tools such as Nessus, ACSA, and Splunk.
  • Work with GRC tools such as Xacta/JCAM
  • Hold at least one of the following security certifications. Example: Security +, CGRC, CASP, CISSP
  • Experience using Atlassian suite tools such as JIRA/CONFLUENCE
  • Experience with Agile Methodologies/SAFe
  • Expertise on Information Security Principles, processes and guidelines
  • Able to obtain and maintain an Authority to Operate (ATO) for Information Systems.
  • Experience with scanning tools such as Tenable Nessus
  • Ability to work on multiple projects with various timelines, at times very short deadlines.

Ideally, You Also Have (Preferred Qualifications):


  • Certifications: CISSP, CISM, CAP, Security+, AWS Certified Security – Specialty, or other relevant certifications.
  • Experience in a high-side or multi-enclave (U/S/TS) environment.
  • Experience working with Agile development teams and CI/CD pipelines.
  • Familiarity with Infrastructure as Code (IaC) and cloud configuration management tools (e.g., Terraform, Ansible).
  • Familiarity with NIST 800-53 Rev. 5

Apply for this job

Life at Spry Methods

Spry is a certified Small Business headquartered in McLean, VA. Spry provides Enterprise, C4IT, Management, and Cyber Solutions to the federal government and commercial entities. Founded in 2001, Spry Methods was built on the foundation of combining industry knowledge with unmatched responsiveness to produce results for our customers. Our goal is to build a business dedicated to the maximization of value for all stakeholders starting with our employees, our customers, and our community. We recognize that talented and dedicated employees are our most valued assets and the foundation of our success. Guided by these principles, we have established an impressive track record of proven past performance serving our customers within the Commercial, Federal Civilian, DoD, and Intelligence Communities. A CMMI Level 3 certified and ISO 9001:2008 registered company, Spry is committed to quality and continuous improvement.
Thrive Here & What We Value1. Positive and energetic work environment2. Personal and professional growth encouragement3. Exciting and rewarding opportunities challenging abilities4. Multiple fund choices with company match (PCS)5. Paid holidays & PTO accrual at 15 days/year6. Annual training allowance for job-related education7. Diverse and inclusive workplace8. Engagement, creativity, quality, and innovation endorsement
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025