Information Systems Security Officer

Information System Security Officer

Information Technology Strategies, Inc. is a government IT solutions provider servicing commercial and government initiatives in various parts of the United States. We are currently seeking an Information System Security Officer to work for our company.

Summary:

• Client Agency is the Department of Commerce
• Ensure security policies and procedures are implemented.
• Identifying corrective actions/mitigation strategies to achieve/sustain RMF compliance.
• Review of virus detection software to ensure compliance.
• Review and analyze system implementation plans.
• Advising system owners and stakeholders on new deployments and advanced cyber security techniques
• Design, implement, and maintain secure cloud architectures within Azure Government Secret classified environments.
• Enforce zero trust principles, role-based access control (RBAC), and identity federation (e.g., Azure AD B2B/B2C with CAC/PIV).
• Configure and manage security controls such as Microsoft Defender for Cloud, Key Vault, Azure Policy, NSGs, and Private Endpoints.
• Automate compliance and security operations using PowerShell, Terraform, or ARM templates.
• Integrate SIEM/SOAR tools (e.g., Microsoft Sentinel for IL6) for continuous monitoring, logging, and incident response.
• Conduct vulnerability assessments and implement remediations aligned to NIST 800-53, DoD STIGs, and JSIG.
• Collaborate with mission owners, compliance teams, and developers to ensure secure DevSecOps pipelines.
• Support Authority to Operate (ATO) processes by generating security documentation, control evidence, and supporting audits.
• Navigate federal systems through the authorization process to achieve and maintain Authority to Operate (ATO).
• Work with the ISSO, Program and DOC ITD IA teams to maintain the necessary security authorizations.
• Develop comprehensive System Security Plans (SSPs) documenting all implemented NIST 800-53 controls.
• Coordinate security assessments with third-party assessors.
• Manage Plans of Actions & Milestones (POA&Ms) for addressing identified vulnerabilities.
• Ensure continuous monitoring plans meet agency requirements.
• Prepare authorization packages for government review.
• Maintain ongoing compliance through change management processes.
• Serve as the liaison between technical teams and authorizing officials.
• Translate security requirements into actionable tasks.
• Ensure all documentation meets the rigorous standards required for federal information systems.

Requirements:

• Must possess IT-II security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). (Basic Federal Clearance requirements are U.S. Citizenship, clear criminal history check, no recent or pending bankruptcies).
• Must possess an IAT-II security certification: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+ CE, CCNP Security, CISA, CISSP, CISSA, GCED, GCIH, or CCSP.
• Must have Eight to Twelve (8-12) years of experience.
• Strong knowledge of Azure-native security tools, IL6 data handling, and cloud networking.
• Proficient in scripting (PowerShell, Python, or Bash) and Infrastructure as Code (ARM, Bicep, Terraform).
• Experiences with DoD SRG, FedRAMP High, JSIG, and ICD 503 compliance frameworks.
• Hands-on experience with classified enclaves, hardened images, and enclave-to enclave connectivity.
• Comprehensive knowledge of corporate Systems/Solutions Architecture processes and trends.
• Strong leadership, organizational, and communication skills.
• Knowledge of Agile software development process.
• SCAP, STIG, Patching, eMASS, and related RMF tools.
• Cybersecurity, Systems Administration, implementation of RMF tools and processes.
• Experience with gaining an ATO for systems and working the systems through the assessment and authorization process.
• Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic email and access-list.
• Excellent communication skills.
• Experience working in Agile software development teams.
• Experience with secure development, coding and engineering practices.
• Experience with Cybersecurity, Information Security, and Information Technology Security processes, protocols, and procedures.
• Experience with Cloud Security.
• Experience working with leading firewall, network scanning and authentication technologies.
• Experience working with internet, web, application and network security techniques.
• Experience in Agile methodology.
• Experience in Jira to support development team in agile environment.
• Experience working in Federal or State government environments.
• Ability to work independently.

Work With Us

IT-Strat is a technology consulting company that holds various contract vehicles including best in class vehicles. IT-Strat has supported multiple clients including the Department of Homeland Security (DHS), Customs and Border Protection (CBP) and Immigration and Customs Enforcement (ICE via both prime and meaningful subcontracts). Additionally, IT-Strat has prime contracts with Defense Information Systems Agency (DISA), Defense Logistics Agency (DLA) and many others. We maintain relationships with multiple large businesses.

IT-Strat was established in 2002. We are a certified Woman Owned Small Business. IT-Strat also successfully graduated as an SBA 8(A) company. It was an 8(a) company from 2008 through 2017 and currently still has 8(a) contract vehicles.

Benefits We Offer:

• Four Medical/Vision options including an HSA plan
• Dental and Orthodontia plan
• Vision Materials plan
• Paid Life, Short-Term Disability, and Long-Term Disability
• 401K Retirement Program with company contribution
• Paid Vacation, Holidays, Sick Leave, Floating Holidays, Bereavement Leave
• Semi-monthly pay cycle

Information Technology Strategies ("IT-Strat") is an Equal Employment Opportunity employer, and it is our policy to consider applicants for employment without regard to sex, race, color, creed, religion, national origin, sexual orientation, marital status, age, disability, veteran status, alienage, ancestry, and any other factors prohibited by law. Employment selections are based on company and client requirements and the qualifications and skills of the candidate. IT-Strat is committed to actively capitalizing on the diversity of skills, talents, and perspectives of our employees.