Location: Hybrid / Remote with travel to CNIC HQ (Millington, TN) and field installations
Eligibility: U.S. citizenship; ability to obtain and maintain the appropriate background investigation level
Status: Full-time, contingent on contract award

Position summary

The Cybersecurity Lead / ISSO is the senior security lead accountable for every change touching CNIC F&FR's connected environment. You will treat each network, application, or configuration change as a potential RMF event, evaluate impact against ATO boundaries before implementation, run the coordinated change package process with pre-approved POA&Ms, and ensure no installation is out of compliance for more than 24 hours. You will participate as a voting member of the weekly Joint Change Advisory Board.

What you will own

- RMF treatment of all changes — impact analysis against ATO boundaries, security control baselines, and continuous monitoring requirements.
- POA&M development, tracking, and closure across distributed installations.
- Coordinated change packages for cross-domain releases (e.g., concurrent ERP patch + POS firmware refresh) with staged rollout against the F&FR maintenance calendar.
- ATO renewal coordination with Authorizing Officials and CNIC cybersecurity stakeholders.
- Security control testing and audit-trail integrity during patch windows.
- Cybersecurity workforce: ISSO support, cybersecurity analysts, compliance specialists.
- Standing voting seat on the Joint Change Advisory Board (JCAB).

Required qualifications

- Active CISSP certification.
- CASP+ or equivalent advanced security certification.
- DoD 8140 / 8570 IAT Level 2 baseline certification (Security+ or equivalent) — required for privileged access per RFP C-12.2.
- 10+ years RMF practitioner experience in DoD environments.
- Direct experience as an ISSO on a system with an active ATO.
- Demonstrated experience evaluating change impact against ATO boundaries on enterprise IT environments.
- Working knowledge of NIST SP 800-53 controls, eMASS, and DoD continuous monitoring requirements.
- U.S. citizenship; ability to obtain and maintain the appropriate background investigation level.

Preferred qualifications

- Active or recent Secret clearance (likely required at the task order level for systems touching DoD-connected networks).
- Prior ISSO experience on a NAF or Navy connected system.
- CISM, CISA, or Security+ instructor-level credentials.
- Experience with cloud security control inheritance (FedRAMP, DISA SRG IL2/IL4).