Information System Security Officer

Job Description

Job Description

Position Overview

The System Security Officer (SSO) is responsible for ensuring that enterprise systems and applications are developed, implemented, and maintained in alignment with organizational security and compliance requirements. This role provides oversight and hands-on support for system security controls, documentation, monitoring, and risk management activities. The SSO also supports continuity and disaster recovery planning while ensuring systems remain compliant with established technical and regulatory standards. A backup SSO may also be designated to provide coverage and support.

Key Responsibilities

• Implement and maintain system and application security controls to ensure technical compliance with organizational security requirements.
• Support the achievement and maintenance of Authority to Operate (ATO) or equivalent approvals for applications and systems.
• Ensure a full understanding of the organization’s Security Assessment and Authorization (SA&A) processes.
• Implement and maintain security controls in alignment with the organization’s risk management framework.
• Develop, update, and maintain security documentation required for compliance and certification processes.
• Ensure systems adhere to enterprise Technical Reference Architectures and supplemental security specifications.
• Utilize approved security tools for continuous monitoring, vulnerability assessment, and configuration management.
• Implement audit tools and reporting processes to support continuous diagnostics and monitoring (CDM).
• Provide engineering expertise in support of Continuity of Operations Planning (COOP) and Disaster Recovery (DR) planning and exercises.
• Develop and manage Configuration Management and Change Management plans.
• Create, track, and maintain Plans of Action and Milestones (POA&Ms) to address security risks and findings.
• Conduct or participate in threat and vulnerability management for assigned systems.
• Support ongoing compliance activities, risk assessments, and security improvement initiatives

Qualifications

• Proven experience in information security, system administration, or IT risk management.
• Strong knowledge of security frameworks such as NIST RMF, ISO 27001, or equivalent standards.
• Experience with vulnerability management, security assessment tools, and configuration management practices.
• Familiarity with system accreditation, security documentation, and compliance reporting processes.
• Strong analytical skills and ability to respond effectively to complex security issues.
• Excellent communication and collaboration skills to work with technical, compliance, and leadership teams.

Preferred Experience

• Prior experience as a System Security Officer, Information System Security Officer (ISSO), or related role.
• Hands-on experience with audit tools, continuous monitoring, and security engineering.
• Background in disaster recovery, business continuity, or incident response planning.
• Experience working in regulated environments requiring strict compliance (e.g., healthcare, financial services, or government contracting)

Company DescriptionOur mission is to empower our clients to achieve sustainable success through efficient, cost-effective, and scalable solutions that drive significant performance improvements. We believe in delivering value-driven results and fostering a culture that attracts and retains top talent to provide scalable, adaptable services.

Company Description

Our mission is to empower our clients to achieve sustainable success through efficient, cost-effective, and scalable solutions that drive significant performance improvements. We believe in delivering value-driven results and fostering a culture that attracts and retains top talent to provide scalable, adaptable services.