NextGen is seeking a highly skilled and proactive Information System Security Officer (ISSO) to join our team in support of critical U.S. Army defense missions. The ideal candidate will bring deep expertise in cybersecurity risk management, NIST Risk Management Framework (RMF) implementation, security control assessment, and hands-on eMASS (Enterprise Mission Assurance Support Service) management to ensure the ongoing authorization, continuous monitoring, and operational security posture of classified and sensitive Army information systems.
This role is designed for a seasoned ISSO who excels at applying federal cybersecurity standards and DoD policies to the unique demands of Army contract environments—where compliance, rigorous documentation in eMASS, and close collaboration with authorizing officials, system owners, and engineering teams are essential. The successful candidate will maintain the security integrity of complex battlefield and mission-critical systems, enabling secure, compliant operation and integration of capabilities into operational Army environments through effective eMASS package management and RMF artifact oversight.
Responsibilities
Serve as the primary cybersecurity point of contact for one or more assigned Army information systems, maintaining the overall security posture and ensuring ongoing compliance with DoD and Army directives throughout the system lifecycle.
Coordinate and support independent security control assessments, third-party audits, Army cybersecurity inspections, and compliance reviews, ensuring all findings are documented, tracked, and resolved in eMASS.
Develop, update, and maintain System Security Plans (SSP), security assessment reports, control implementation statements, and other RMF authorization artifacts required to obtain and maintain Authority to Operate (ATO).
Conduct continuous monitoring activities, including vulnerability scanning, security control assessments, log reviews, and configuration change tracking, to identify, document, and mitigate risks in a timely manner.
Manage and track Plans of Action and Milestones (POA&M) for identified security weaknesses, coordinating remediation efforts with system owners, engineers, and Army program offices to achieve closure within required timelines.
Perform Security Impact Analyses (SIA) for proposed system changes, modifications, or upgrades, assessing potential effects on security controls and recommending mitigations to maintain authorization status.
Prepare, compile, and submit RMF documentation packages in eMASS (or equivalent Army systems), including security control inheritance documentation, test results, and evidence of control effectiveness.
Coordinate and support independent security control assessments, third-party audits, and Army cybersecurity inspections, ensuring all findings are addressed and documented appropriately.
Monitor system configuration baselines for unauthorized changes, enforce configuration management controls related to security, and participate in Configuration Control Boards (CCB) when security-relevant changes are proposed.
Provide cybersecurity guidance and training to system administrators, developers, and other team members to promote secure practices and ensure Army systems remain compliant with RMF, NIST SP 800-53, DoD 8510.01, and AR 25-2 requirements.
Prepare and deliver regular security status reports, risk briefings, and metrics to Army program leadership, authorizing officials, and stakeholders, highlighting current risk posture, emerging threats, and mitigation progress.
Qualifications
Security Clearance: Active Top Secret with SCI eligibility
Education: Bachelor's degree in Computer Science, Information Technology (IT), Cybersecurity / Information Assurance, Engineering, or a related technical field. (Years of experience may be accepted in lieu of degree).
Certifications: Security+ (or higher DoD 8140/8570 IAT Level II/III compliance).
Hands-on Experience: managing eMASS packages end-to-end, including creating/updating authorization records, uploading RMF artifacts (SSP, SAR, POA&M, control evidence), tracking milestones, and ensuring timely ATO submissions and approvals.
Direct Experience: implementing and managing the NIST Risk Management Framework (RMF) for DoD/Army information systems, including developing/maintaining System Security Plans (SSP), conducting Security Impact Analyses (SIA), managing POA&Ms, and supporting continuous monitoring and ATO processes.
Desired Qualifications
Certifications: Professional certifications such as CISSP (Certified Information Systems Security Professional) certification (or equivalent advanced credential such as CISM, CASP+, or CCISO) in good standing.
Specialized Experience: Experience supporting Army-specific programs or systems (e.g., C5ISR, mission command, ground combat vehicles, tactical networks, or ARCYBER-related efforts).
Knowledge: Of emerging Army cybersecurity priorities, including Multi-Domain Operations (MDO), information dominance, zero-trust architecture implementation, or cybersecurity for tactical edge systems.
Demonstrated Success: In achieving and maintaining ATOs for complex, high-impact systems under tight timelines, with a track record of effective POA&M closure, risk acceptance justification, and positive audit/inspection outcomes.
About NextGen: NextGen Federal Systems is an innovative technology and professional services provider specializing in advanced software solutions and comprehensive mission and business support services. We work in close collaboration with our Customers to truly understand their business and mission goals. Our approach is to design, build, implement, and manage solutions that measurably improve our client’s organizational performance. We have established and foster a corporate culture where we: Treat employees with fairness and respect regardless of their position, sexual identity, race, or tenure; Communicate the importance of our mission and our employees’ contributions to it, ensuring they understand how their job role contributes to the greater good; Openly promote and communicate our ideas for change and adaptability; Strive to achieve results as an organization; Hold employees accountable to their commitments and provide incentives that encourage positive and productive behaviors; Value the talents and contributions of our employees as the key factor for our success; Create an environment where people can engage at all levels; Encourage people to take risks and allow them to make mistakes.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
RefID: A01