Information Systems Security Officer (ISSO)

Information Systems Security Officer (ISSO) Subject Matter Expert (SME)

CyKor is a fast-growing Technology Solutions Provider to both federal and commercial clients. We attribute our continued growth to our core values, our professional team, and the valuable relationships with our clients. Our small and growing team fosters an environment in which each team member is respected, valued, and appreciated for their contributions.

Role & Responsibilities

CyKor is seeking an Information Systems Security Officer (ISSO) Subject Matter Expert (SME) to support federal environments as part of a matrixed engineering and cybersecurity delivery team.

This position supports the Lead Federal ISSO by providing engineering-focused Risk Management Framework (RMF) expertise, cybersecurity compliance support, and technical security integration across enterprise infrastructure, network modernization, cloud, and operational technology initiatives. The ISSO SME will work collaboratively with architects, engineers, program managers, system owners, and cybersecurity stakeholders to ensure systems maintain compliance with federal Risk Management Framework (RMF) requirements throughout the system lifecycle.

The ideal candidate possesses strong technical knowledge of enterprise systems and cybersecurity requirements, with the ability to translate engineering changes and operational impacts into actionable RMF and authorization activities.

• Support the Lead Federal ISSO in execution of cybersecurity and RMF activities across client mission systems and enterprise engineering efforts
• Serve as the engineering-focused cybersecurity SME supporting system modernization, infrastructure deployment, cloud integration, and operational sustainment initiatives
• Apply knowledge of federal RMF requirements, including NIST 800-37, NIST 800-53, DHS 4300A/B, and federal cybersecurity policies
• Collaborate within a matrixed project team consisting of network engineers, architects, cloud engineers, system administrators, program managers, and cybersecurity personnel
• Analyze system architectures, components, interconnections, data flows, and operational changes to assess security impacts and authorization implications
• Support development, review, and maintenance of RMF artifacts including System Security Plans (SSPs), boundary diagrams, hardware/software inventories, POA&Ms, contingency plans, and configuration management documentation
• Assist with implementation and oversight of configuration management processes across authorization boundaries
• Support continuous monitoring activities, vulnerability management, patch compliance, STIG implementation, and remediation tracking
• Conduct periodic system reviews to ensure compliance with approved security controls and operational requirements
• Coordinate with engineering teams to ensure cybersecurity controls are integrated into technical designs and deployment activities
• Support ATO and Continuous ATO (cATO) activities including package preparation, artifact updates, security impact assessments, and audit support
• Evaluate proposed engineering changes and provide cybersecurity recommendations regarding operational and authorization impacts
• Support security assessment activities, audit readiness efforts, and customer cybersecurity reviews
• Assist with cybersecurity documentation updates related to evolving infrastructure and engineering implementation

Please note: This opening is contingent upon contract award (expected award & start date is June/July 2026).

Requirements

• Bachelor's degree in Cybersecurity, Information Technology, Engineering, Computer Science, or related field (or equivalent experience)
• 5+ years of experience supporting RMF, cybersecurity compliance, or ISSO activities within federal civilian environments
• Experience supporting engineering or infrastructure-focused cybersecurity initiatives
• Working knowledge of federal RMF processes and authorization requirements
• Familiarity with NIST security controls, continuous monitoring, vulnerability management, and configuration management practices
• Experience supporting ATO/cATO package development and maintenance
• Understanding of enterprise networking, cloud environments, virtualization, and infrastructure technologies
• Experience working in collaborative, cross-functional engineering environments
• Strong written and verbal communication skills supporting technical and non-technical stakeholders
• Active Secret clearance required

Preferred Certifications & Skills

• CISSP, CAP, Security+, CISM, or equivalent certification
• Experience supporting federal civilian agencies
• Experience with eMASS, CSAM, or equivalent governance/compliance platforms
• Familiarity with Zero Trust initiatives, cloud security frameworks, and enterprise network modernization program
• Experience supporting operational technology, SD-WAN, or large-scale federal infrastructure deployments

CyKor, LLC is an equal opportunity employer and values diversity in the workplace. All qualified applications will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, natural origin, or protected veteran status, and will not be discriminated against on the basis of disability.