Cleared Hybrid Information System Security Officer (5420)
Smxtech · Hanover, MD · Posted Jul 7, 2026
Apply on company site Track it in JobSkout
SMX is seeking an experienced Information System Security Officer (ISSO) to support a mission-critical federal program. This individual will serve as a cybersecurity professional responsible for ensuring the security, compliance, and operational integrity of enterprise information systems supporting critical mission functions. The selected candidate will work closely with System Owners (SOs), Business Process Owners, Information System Security Managers (ISSMs), and cybersecurity leadership on matters involving information system security. This role requires solid experience implementing and maintaining security controls, supporting Risk Management Framework (RMF) activities, and leading Authorization to Operate (ATO) efforts across multiple systems and projects. The ISSO – Intermediate will be responsible for evaluating security posture, mitigating risk, recommending security improvements, and ensuring compliance with federal cybersecurity requirements. This position is hybrid and requires an active Secret clearance.
Essential Duties and Responsibilities
Provide security advisory support to System Owners (SOs), Business Process Owners, ISSMs, and program leadership on matters related to information system security
Support implementation, maintenance, and continuous improvement of security controls across enterprise systems and applications
Coordinate and execute RMF activities including system categorization, control implementation, security assessments, authorization activities, and continuous monitoring
Develop, review, and maintain System Security Plans (SSPs), POA Ms, Security Assessment Plans, security procedures, and related authorization documentation
Assess system security posture and recommend corrective actions to address risks, vulnerabilities, and compliance deficiencies
Conduct security reviews and assessments to validate implementation and effectiveness of security controls
Collaborate with engineers, system administrators, developers, and government stakeholders to ensure security requirements are integrated throughout the system lifecycle
Support Authorization to Operate (ATO) activities and ongoing authorization maintenance efforts
Execute vulnerability management activities including identification, remediation tracking, risk assessment, and validation of corrective actions
Review and validate access control implementations, privileged account management, hardware inventories, software inventories, and security configurations
Develop security reports, dashboards, metrics, and recommendations for government leadership
Support audit activities, compliance reviews, inspections, and security assessments conducted by internal and external organizations
Provide guidance regarding physical and logical protection of information system assets
Evaluate security program effectiveness and recommend improvements to policies, procedures, and operational practices
Support incident response, security investigations, and remediation activities as required
Advise leadership on emerging threats, cybersecurity risks, and security improvement opportunities
Required Skills Experience
Active Secret clearance required
Minimum of 5 years of professional experience supporting cybersecurity, information assurance, RMF, or information system security activities
Demonstrated experience serving as an ISSO, ISSM support resource, or security practitioner within a federal environment
Strong experience supporting Risk Management Framework (RMF) activities and Authorization to Operate (ATO) processes
Experience developing and maintaining SSPs, POA Ms, Security Assessment Plans, authorization artifacts, and related security documentation
Strong knowledge of NIST 800-53, NIST 800-37, FISMA, and federal cybersecurity requirements
Experience implementing, assessing, and maintaining security controls across enterprise information systems
Experience supporting continuous monitoring programs, vulnerability management, and compliance initiatives
Experience evaluating system security risks and developing risk-based mitigation strategies
Experience supporting audits, assessments, inspections, and compliance reviews
Strong understanding of access control management, security documentation, risk assessment, and security operations
Strong analytical, troubleshooting, and problem-solving skills
Ability to communicate technical security concepts to technical and non-technical audiences
Strong written and verbal communication skills
Ability to work independently while managing multiple priorities and supporting complex security initiatives
Desired Skills Experience
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or related field
Experience supporting federal government, law enforcement, or national security programs
Experience supporting cloud environments and cloud security compliance requirements
Experience supporting Governance, Risk…