Information Systems Security Officer

Information Systems Security Officer

LOCATION: On Site - Kirtland AFB, NM

JOB STATUS: Full-time

CLEARANCE: Active TS/SCI clearance

Astrion is seeking an experienced Information Systems Security Officer (ISSO) to support the Air Force Research Laboratory's (AFRL) Research & Development Integrated Space Experiments (RISE) contract at Kirtland AFB in Albuquerque, NM.

As the primary information systems security point of contact, you will lead cybersecurity compliance, risk management, and system authorization efforts across the RISE experiment portfolio. This role is central to ensuring secure, resilient operations for mission-critical ground systems, networks, and space vehicles that enable next-generation space research and experimentation.

Required Qualifications

• Active DoD TS/SCI clearance (required at time of hire).

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related technical field.

• CISSP (meets DoD 8570/8140 IAM Level II)

• 5+ years of cybersecurity experience in DoD, IC, or R&D environments, with direct RMF and ATO support responsibilities.

• Demonstrated hands-on experience in:

• Managing A&A for classified systems (Secret/SCI/SAP)

• System Security Plan (SSP) development and evaluation

• NIST-based security control assessments

• NIST risk assessments and risk analysis

• Working knowledge of DISA STIGs, vulnerability management, and secure configuration validation.

• Strong understanding of DoDI 8500.01, DoDI 8510.01, CNSSI 1253, and NIST SP 800-37 / 53 frameworks.

• Experience leading or supporting high-visibility customer meetings and engaging with system owners and executive management.

• Excellent written and verbal communication skills; capable of preparing clear, professional documentation and reports.

Preferred Qualifications

• Experience supporting AFRL, USSF, or DoD cybersecurity programs.

• Familiarity with cloud security architectures, hybrid environments, and cross-domain solutions.

• Experience developing and sustaining enterprise RMF accreditation packages.

• Knowledge of Program Protection, OPSEC, and classification management.

• Experience supporting Defensive Cyber Operations (DCO) and Continuous Monitoring activities.

Responsibilities

• Lead and maintain RMF Assessment & Authorization (A&A) documentation and processes, including:

• System Security Plans (SSP) - creation, review, and maintenance

• Plans of Action & Milestones (POA&Ms)

• Security Assessment Reports (SARs)

• Risk Assessment Reports (RARs)

• Assessment & Authorization (A&A) packages

• Conduct and document Security Control Assessments, Security Control Testing, and risk analyses in accordance with NIST SP 800-53 and DoDI 8510.01.

• Develop, evaluate, and maintain Contingency Plans and system-level security procedures.

• Apply DISA STIGs, secure baselines, and configuration management controls to classified and unclassified systems.

• Perform and support risk assessments, developing mitigation strategies to address vulnerabilities and improve system posture.

• Support audits, inspections, and readiness assessments for ATO maintenance and continuous monitoring.

• Perform other cybersecurity duties as directed by the RISE task leads or Government Customer.