• Information Security Support Officer (ISSO)

    JCTM LLC (San Antonio, TX)


    The Challenge

     

    The security of Information Technology assets in today’s information age is a top priority in aligning our military forces for the future operating environment. What if you could use your cybersecurity knowledge and experience to assist US Cyber Command in those efforts?

     

    Build Your Career

     

    At JCTM, we value knowledge, experience, integrity, and commitment. Joining our team means becoming part of an organization that empowers individuals, prioritizes ethical practices, and fosters a culture of collaboration and growth.

     

    Challenging Projects

     

    As an Information System Security Officer (ISSO) with JCTM, you will play a critical role in ensuring the security and compliance of information systems throughout their lifecycle. This position requires a deep understanding of risk management frameworks, cloud platforms, and cybersecurity practices, with a focus on maintaining and enhancing the security posture of our environments. You will provide impactful support to customers as they navigate ATO, cATO, and deployment processes in dynamic operational environments.

    Key Responsibilities

    + A&A Package Management: Create, manage, and maintain Authorization and Accreditation (A&A) packages, including System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), and other necessary artifacts.

    + eMASS/Xacta Data Management: Support the entry and maintenance of data in information system security systems of record such as eMASS or Xacta.

    + Lifecycle Cybersecurity Management: Drive cybersecurity activities across all phases of the system lifecycle including planning, development, deployment, and operations. Enforce system hardening and perform security analysis to ensure protection of the CIA triad.

    + Stakeholder Communication: Brief Information System Security Managers (ISSMs), Security Control Assessors (SCAs), and Authorizing Officials (AOs) on the cybersecurity posture of systems. Provide regular updates and insights.

    + Continuous Monitoring: Manage and implement Continuous Monitoring activities including periodic control reviews, audits, vulnerability scans, and penetration test report evaluations.

    + POA&M Development and Maintenance: Develop and maintain POA&Ms to track system vulnerabilities, mitigation efforts, remediation actions, and closures. Provide fix actions and compensating controls, perform reviews, and deliver briefings to stakeholders.

     

    State-of-the-Art Technology

     

    Expand your expertise by working with cutting-edge technologies and methodologies, optimizing their application in a dynamic environment.

     

    New Skills

     

    Collaborate with a diverse team of technical and functional experts, gaining practical experience with advanced tools, technologies, and strategic-level implementations.

     

    Room to Grow

     

    You will have opportunities to grow your career and contribute to the company's strategic goals, supported by mentorship and a collaborative work environment.

     

    You Have

     

    + Active TS/SCI Security Clearance

    + 5+ years of relevant cybersecurity experience

    + Experience assessing technical environments and translating implemented security controls into clear NIST SP 800-53 control narratives and supporting ATO documentation

    + Hands-on experience with eMASS or Xacta for full system lifecycle activities

    + Experience with NIST 800-53 Rev5 and CNSSI 1253

    + Experience as an RMF Engineer, ISSO, and/or information assurance engineer

    + Familiarity with at least one cloud platform: AWS, Azure, or Google GCP

    + Experience with Air Force risk management policies and procedures, including DODI 8510.01, AFI 17-101, Fast Track ATO Handbook, and AF Continuous ATO Playbook

    + Ability to clearly articulate ideas for executive-level consumption

    + Ability to use prior experience and knowledge to address new situations, especially during client interactions

    + Bachelor’s degree in Information Security, Computer Science, or a related discipline; or in lieu of a degree, 3 additional years of equivalent industry experience

     

    Nice to Haves

     

    + Knowledge of the Air Force A&A process and requirements

    + Familiarity with SIEM tools such as Splunk or Elastic

    + Experience with DoD DevSecOps Fundamentals Playbook

    + Experience applying DoD Fast Track ATO and Air Force Continuous ATO Playbook methodologies

     

    Clearance

     

    Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information. TS/SCI clearance is required.

     

    Equal Opportunity Employer Statement

     

    JCTM is an Equal Opportunity Employer that empowers our people to fearlessly drive internal and external change while supporting the safety and security of our great nation.