Job Description
Information Systems Security Officer (Technical ISSO / RMF Assessor)

Job Locations: US-VA-Herndon | US-DC-Washington | US-MD-Riverdale
Requisition ID: 2026-164206
Position Category: Cyber Security
Clearance: Top Secret/SCI w/Poly

Responsibilities

Job Summary

We are seeking a highly skilled and technically proficient Information Systems Security Officer (ISSO) with hands-on experience developing, implementing, and validating security controls within DoD RMF environments. This role requires deep technical understanding of NIST SP 800-53 controls, STIG implementation, vulnerability analysis, and the ability to produce assessable, audit-ready security documentation.

The ideal candidate will be confident writing Security Test Procedures (STPs), building Security Controls Traceability Matrices (SCTMs), interpreting ACAS/Nessus scan results, and using Splunk to verify control effectiveness. This ISSO will work closely with system owners, engineers, and government stakeholders to support ATO efforts and continuous monitoring activities.

Duties & Responsibilities:

Core Technical Responsibilities

Develop, write, and maintain Security Test Procedures (STPs) for NIST SP 800-53 controls.
Create and update Security Controls Traceability Matrices (SCTMs).
Draft, review, and refine control implementation statements for all control families.
Interpret and remediate STIG/SCAP findings across operating systems, applications, and infrastructure.
Conduct and analyze ACAS/Nessus vulnerability scan results; validate findings with engineering teams; track remediation to closure.
Perform Splunk log analysis to validate control operation and investigate anomalies.
Pr