Cleared On Site Mid-Level Information Systems Security Officers (ISSO) (5358)
Smxtech · Washington, DC · Posted Jun 15, 2026
Apply on company site Track it in JobSkout
SMX is seeking a highly motivated Information System Security Officer (ISSO) – Mid to support a mission-critical federal program in Washington, DC. This individual will serve as a key cybersecurity resource responsible for supporting the security posture, compliance activities, and operational security requirements of enterprise information systems and applications. The selected candidate will act as a trusted advisor to System Owners (SOs), Business Process Owners, Information System Security Managers (ISSMs), and cybersecurity leadership on matters related to information system security, risk management, and regulatory compliance. This role requires experience supporting Risk Management Framework (RMF) activities, implementing security controls, monitoring system security posture, and ensuring information systems remain compliant with federal cybersecurity requirements while supporting mission objectives. This position is on site in Washington, DC and requires an active TS/SCI clearance.
Essential Duties Responsibilities:
Serve as a primary cybersecurity advisor to System Owners (SOs), Business Process Owners, and ISSMs on matters related to information system security
Support implementation, maintenance, and continuous improvement of security controls across enterprise systems and applications
Assist with Risk Management Framework (RMF) activities including system categorization, security control implementation, assessment support, and continuous monitoring
Develop, maintain, and update security documentation including System Security Plans (SSPs), POA Ms, security procedures, and supporting authorization artifacts
Monitor system security posture and identify risks, vulnerabilities, and compliance gaps requiring remediation
Coordinate with engineers, system administrators, developers, and security personnel to ensure security requirements are incorporated throughout the system lifecycle
Support Authorization to Operate (ATO) activities and ongoing authorization maintenance efforts
Conduct security reviews and assessments to validate implementation and effectiveness of security controls
Assist in the identification, documentation, tracking, and remediation of security findings and vulnerabilities
Review and validate user access controls, privileged accounts, hardware inventories, software inventories, and system configurations
Support audit activities, compliance reviews, and cybersecurity inspections
Provide guidance regarding physical and logical protection of information system assets
Develop reports, metrics, and recommendations related to system security posture and compliance status
Recommend improvements to security processes, procedures, and operational controls
Support incident response, security investigations, and remediation activities as required
Required Skills Experience
Active TS/SCI clearance required
Minimum of 5 years of professional experience supporting cybersecurity, information assurance, RMF, or information system security activities
Experience serving as an ISSO, cybersecurity analyst, security engineer, or related security role within a federal environment
Experience supporting Risk Management Framework (RMF) activities and Authorization to Operate (ATO) processes
Experience developing and maintaining SSPs, POA Ms, security control documentation, and related authorization artifacts
Familiarity with NIST 800-53, NIST 800-37, FISMA, and federal cybersecurity requirements
Experience implementing and assessing security controls within enterprise information systems
Experience supporting vulnerability management, remediation tracking, and continuous monitoring activities
Knowledge of access control management, security documentation, and compliance reporting
Strong analytical, troubleshooting, and problem-solving skills
Ability to assess risks and recommend practical security solutions
Strong written and verbal communication skills
Ability to work independently while managing multiple priorities in a fast-paced environment
Desired Skills Experience
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or related field
Experience supporting federal government, law enforcement, intelligence community, or national security programs
Experience supporting cloud-based systems and cloud security compliance activities
Experience supporting Governance, Risk, and Compliance (GRC) platforms
Familiarity with enterprise security tools including vulnerability scanners, SIEM platforms, and compliance monitoring tools
Experience supporting security audits, inspections, and assessment activities
Familiarity with Agile development methodologies and DevSecOps practices
One or more of the following certifications preferred:
Security+
CAP (Certified Authorization Professional)
SSCP
GSEC
CISSP Associate
CASP+
Other relevant cybersecurity certifications
Application Deadline: 9-4-2026
# LI-SA1
The SMX salary determ…