Information Systems Security Officer
Mission
Fed95, LLC, is a 100% Tribally-owned, Native American SBA 8(a) small business of the Nottawaseppi Huron Band of the Potawatomi (NHBP). Headquartered in Southwest Michigan and supporting federal contracts world-wide, Fed95 is part of a portfolio of companies managed by Waseyabek Development Company, LLC, a 100% Tribally-owned economic development firm focused on income diversification on behalf of NHBP. Fed95 is a well-funded experienced small business with substantial liquid assets and experience in federal contracting. Fed95 is well-versed in federal contract compliance and provides outstanding support services to our Government clients.
Position Summary
The Information Systems Security Officer (ISSO) supports the Cybersecurity functional line for the Hill CEDC IT Operations & Maintenance contract at Hill AFB by ensuring the security, compliance, and operational integrity of information systems supporting mission-critical operations. This role is responsible for implementing and maintaining cybersecurity controls, supporting Risk Management Framework (RMF) activities, monitoring system security posture, managing vulnerabilities, and ensuring compliance.
Responsibilities
- Manages the full RMF lifecycle including system categorization, security control selection, implementation, assessment, authorization, and continuous monitoring.
- Maintains ACAS, HBSS, and SCAP compliance posture.
- Manages POA&Ms, and ensures STIG compliance across all managed systems.
- Monitor information systems for compliance with applicable cybersecurity policies, standards, and regulations.
- Conduct vulnerability assessments and coordinate remediation efforts with system owners and technical teams.
- Review security configurations, system changes, and architecture modifications to ensure compliance with approved security baselines.
- Support security authorization activities, continuous monitoring programs, and cybersecurity inspections.
- Analyze security alerts, findings, and incidents and coordinate corrective actions as required.
- Assist with implementation and validation of Security Technical Implementation Guides (STIGs) and other security requirements.
- Maintain Plan of Action and Milestones (POA&M) documentation and track remediation efforts through completion.
- Support audit readiness activities by maintaining cybersecurity documentation, evidence, and traceability records.
Minimum Qualifications, Knowledge, Skills, and Abilities
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, Information Assurance, or related field.
- 5+ years of experience supporting information assurance, cybersecurity, or information systems security activities.
- Experience supporting DoD Risk Management Framework (RMF) processes and security authorization activities.
- Knowledge of NIST cybersecurity frameworks, controls, and federal information security requirements.
- Experience conducting vulnerability management, security compliance assessments, and remediation tracking.
- Familiarity with Security Technical Implementation Guides (STIGs), vulnerability scanning tools, and security compliance reporting.
- Understanding of enterprise IT operations, including systems, networks, storage, virtualization, and cloud technologies.
- Experience supporting Configuration and Change Management processes.
- Strong analytical, troubleshooting, and risk assessment skills.
- Excellent written and verbal communication skills with the ability to prepare security documentation and reports.
- Familiarity with Agile methodologies.
- Must be able to obtain and Maintain Secret Clearance.
- Must be able to pass Pre-Employment Drug test.
- Must be US Citizen.
Preferred Qualifications
- Master’s degree in Cybersecurity, Information Assurance, Information Systems, or related discipline.
- Current DoD 8570/8140-compliant certification such as Security+, CISSP, CAP, CASP+, or equivalent.
- Experience supporting Air Force, DoD, or federal enterprise IT environments.
- Experience with eMASS, ACAS, HBSS/ESS, or similar cybersecurity tools and platforms.
- ITIL Foundation or ITIL Managing Professional certification.
Working Conditions / Environment / Physical Demands
- Position is performed on site at Hill AFB, Utah, in a secure professional environment.
- Standard work schedule is Monday–Friday during normal business hours, with occasional evening or weekend work to meet critical deadlines.
- Core duty hours: Monday–Friday, 0600–1800 MST.
- Work involves extensive computer and secure network use, including prolonged periods of sitting and screen time.
- Requires independent work with minimal supervision, as well as collaboration with cross‑functional teams, subcontractors, and Government stakeholders.
- Occasional travel may be required for customer meetings, training, or program reviews.
Disclaimer
This job description outlines the general nature and level of work expected of the Senior Business Intelligence Analyst. It is not an exhaustive list of all duties, responsibilities, or qualifications. Additional tasks may be assigned as required by the contract or mission needs.
Equal employment opportunity, including veterans and individuals with disabilities.
PI285306356
