Information System Security Officer (ISSO)

The Information System Security Officer (ISSO) reports to the MSTP Project Manager and receives work direction derivatives from the Communications and Information Systems Lead.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Provide Cyber Security technical and management support to MSTP, ensuring compliance with the RMF, NIST, DoD and Marine Corps standards to establish or sustain ATOs.

• Deliver cybersecurity and IA training, guidance, and reporting for MSTP personnel; monitor and report compliance with MCCOG/MCEN Operational Directives (OPDRs).

• Maintain and update POA&Ms, ensuring timely remediation of client, server, and network vulnerabilities through automated scanning tools and manual compliance checks.

• Run, review, and report on vulnerability and compliance scans using ACAS or other approved solution(s) and provide weekly ISSO reports and daily status updates as needed.

• Oversee patch management using Microsoft SCCM to ensure OPDIR compliance, reduce vulnerabilities, and support daily operations, training events, and exercises.

• Implement IAVAs, OPDIRs, DISA STIGs, patches, and industry best practices to maintain cybersecurity compliance across BSC/CAST information, C2, and simulation systems.

• Configure, operate, and troubleshoot HBSS client/server policies for compliance.

• Draft and submit cybersecurity incident and violation reports to government representatives, ensuring timely corrective actions.

• Verify that all personnel accessing information systems meet required DoD 8570/8140, SECNAV M5239.2, and HQMC ECSM 024 cybersecurity workforce certification standards.

• Maintain historical documentation of all MSTP DIACAP and RMF A&A packages and ensure MCCAST submissions are accurate and ready for signature.

• Maintain consistent IT asset reporting and patch coverage across operating systems and applications to ensure secure management across all MSTP locations.

• Design, deploy, and manage SIEM capabilities to support system monitoring, reporting, and cybersecurity compliance across MSTP information systems.

EDUCATION

• IAT Level II: Baseline Certification ‐ IAW DoD 8140.01 or higher required – Current DoD approved IA baseline certification (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP).

• Must possess and maintain training and certifications sufficient to be granted privileged access to Marine Corps information technology (IT) and information systems (IS) and be able to obtain a Marine Corps Compliance and Authorization Support Tool (MCCAST).

EXPERIENCE

• At least three years of experience in IT, which should include successful experience as an enterprise team member or lead.

• Well-versed in USMC eMASS and DoD cyber security compliancy, instructions, policies and regulations.

• Prior military experience as senior 0679, 0699 or equivalent.

CORE SKILLS/COMPETENCIES

Required Knowledge, Skills and Abilities

• Proficient in MS Word, Outlook, Excel, PowerPoint, Visio, Project, and SharePoint.

• Strong communication and presentation skills. Able to read, write, and communicate effectively in English. Able to design and write clear communications and present training programs.

• Excellent organizational, planning, problem-solving, prioritization, interpersonal skills, and able to instinctively adapt, plan, inform and influence.

WORKING CONDITIONS

• Required to sit for extended periods of time and maintain focus

• Daily travel in local area during work day (including use of personal vehicle)

• Be able to work an unstable schedule, to include holidays and weekends.

SPECIAL POSITION NOTATIONS

• CONUS and OCONUS travel may be required for up to three weeks at a time (or longer).

• Qualification as an authorized company driver is required. All authorized company drivers must have a valid driver's license, current automobile insurance, and a driving record that is acceptable to the company's auto insurance provider.

SECURITY CLEARANCE

• A Secret security clearance is required for this position.

• This position also requires a completed Personnel Security Investigation that will qualify the incumbent to be eligible for access to at least the TS-SCI level, and the individual must be read-in for NATO level access.