Information Systems Security Officer (ISSO)

Overview

Information Systems Security Officer (ISSO)

Location: Hurlburt Field, FL, JBSA, TX, and Keesler AFB, MS

Job Status: Full time


Clearance: Top Secret

Astrion has an exciting opportunity coming up for an ISSO to join our team and support the 39th Information Operations Squadron (39 IOS).

We are preparing to hire for Journeyman, Senior, and SME levels. We anticipate a start date in March/April 2026.

Cyber Operations Formal Training Support III (CyOFTS III) is a Cyber Schoolhouse program supporting delivery, development, and sustainment of cyber training across operationally relevant mission sets. The team supports instruction, curriculum and content development, training operations, and program execution at multiple Air Force and joint training locations.


REQUIRED QUALIFICATIONS / SKILLS

• Active Top Secret clearance
• IAT/M Level II certification
• Education and Experience will depend on the labor category level.
  • Previous Information System Security experience is required.

RESPONSIBILITIES

• Perform Information Systems Security Officer duties consistent with the labor category and required RMF experience.
• Support Risk Management Framework (RMF) activities consistent with the required experience timeframe.
• You will manage and perform records management for all Account Forms including but not limited to: Cybersecurity Awareness training for all students, Authorized User Agreements and associated user forms for all networks required for duty at the 39 IOS, System Authorization Access Requests, Privileged User Agreements, 8570/8140 validation, Operating System Certification validation, and associated user forms.
• You will maintain appointment letters for work roles including, but not limited to: Program Managers, ISSO, Information Systems Security Manager (ISSM), Information Systems Security Engineer (ISSE), Systems Administrators, Client Systems Technicians, and Cybersecurity Liaisons.
• You will perform wireless scanning throughout the facility to ensure no rogue activity to include but not limited to: review vulnerability scans on all networks and respond to any vulnerabilities appropriately while conducting network audits on all networks.
• You will manage and update Management Internal Control Toolkit (MICT) checklists for assigned programs including, but not limited to: Privileged User, 17-1301 Computer Security (COMPUSEC), and 17-101 Risk Management Framework (RMF).
• You will inspect equipment prior to the entry and exit of the facilities and ensure entry and exit logs are accomplished along with reviewing, updating, and enforcing Media Control policy including, but not limited to: Issuing and tracking removable media and ensuring media sanitization.
• You will validate administrator accounts on all networks and respond to any discrepancies appropriately.
• You will review equipment purchase requests to ensure items are on approved products listings and meet requirements to enter the facilities.
• You will ensure cybersecurity marking and standards enforcement including but not limited to: Classification stickers and markings on all systems, Bomb threat aids posted by all phones, and Combined Security Cards are posted by all workstations.
• You will perform random bag and walkthrough inspections with the Security team along with responding to incidents and assisting with response and reporting.
• You will answer all TASKORDS/ taskers by MAJCOM for action on our owned networks including but not limited to: vulnerability remediation and data calls.
• You will review, update, and enforce the Security Concept of Operations (SECONOPS) along with the contingency plan policy.
• You will maintain Risk Management Framework (RMF) packages for all networks owned/operated by the 39 IOS including, but not limited to: answer data calls, prepare system package, Categorize system by guiding documents, Select security controls for risk mitigation, Implement security controls, Assess security control effectiveness, Monitor system and update accreditation package, Security Impact Analysis (SIA) submissions for tenants requesting changes and install of new software, and Respond to and coordinate requirements for accreditation package not owned by the squadron.
• You will order, issue, manage, and account for all tokens granting access to network as well as auditing and inventorying issuance of student user tokens.
• You will perform COMPUSEC and Information Security (INFOSEC) duties and manage the Cybersecurity Liaison program for the squadron under the direction of the Wing Cybersecurity Office.
• Support functions aligned to DCWF work roles (Information Systems Security Manager; Security Control Assessor; Cyber Defense Incident Responder) as applicable.
• Maintain and apply required IAT/M Level II certification within the scope of assigned duties.

***This position is contingent upon contract award***