Ennoble First
Senior Information Systems Security Officer
Ennoble First, Chantilly, Virginia, United States, 22021
Location:
Gaithersburg, MD; Alexandria, VA; Chantilly, VA; St. Louis, MO; Aurora, CO
Clearance Required:
Top Secret with SCI eligibility and Polygraph
Employment Type:
Full-Time Regular
Shift:
Day
Travel:
No
Relocation Assistance:
Yes
Company Overview
We are Ennoble First—the people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that is important. Ennoble First is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day. We think. We act. We deliver. There is no challenge we can’t turn into an opportunity.
Program Summary
This program is revolutionizing how cybersecurity enables mission agility across the Intelligence Community. The team is engineering security into every layer of modern, cloud‑native enterprise systems that power critical intelligence operations. From secure system design and zero‑trust architecture to real‑time threat detection and automated compliance, cybersecurity professionals on this mission are driving protection through innovation. As a Senior ISSO, you will safeguard next‑generation systems and data—ensuring the confidentiality, integrity, and availability of information that underpins national security.
Primary Responsibilities
Manage and maintain all system authorization and risk management processes in compliance with NIST RMF and ICD 503.
Develop, update, and maintain System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and associated security documentation.
Conduct vulnerability assessments and security testing, ensuring scan results are tracked, analyzed, and remediated effectively.
Coordinate security engineering activities across development, deployment, and operational environments.
Provide expert guidance to system administrators, developers, and users on secure configuration and hardening practices.
Support incident response, audit preparation, and remediation of findings.
Collaborate with information assurance, network, and DevSecOps teams to maintain continuous Authorization to Operate (ATO) status.
Liaise with government security authorities and accreditation officials to ensure compliance and sustainment of system certifications.
Required Qualifications
Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, or related field and 8–12 years of experience, or Master’s with 6–10 years.
Experience managing system accreditation and ATO packages under NIST RMF or ICD 503.
3+ years of experience operating, analyzing, and resolving vulnerability scan results using tools such as Nessus, Tenable Security Center, or a comparable commercial or GOTS product.
Proficiency with tools such as XACTA, ACAS, or Splunk.
Strong understanding of security policies, controls, and compliance frameworks.
Knowledge of operating system hardening, vulnerability management, and risk mitigation.
Ability to communicate complex cybersecurity concepts clearly to both technical and non‑technical audiences.
U.S. citizenship required.
Preferred Qualifications
CISSP, CISM, or Security+ certification.
Experience supporting Intelligence Community or Department of Defense systems.
Familiarity with cloud security models (AWS GovCloud, C2S, or Azure Government).
Experience with automation or scripting to support continuous monitoring and compliance.
Knowledge of DevSecOps pipelines and secure software development lifecycle (SDLC) integration.
Target Salary Range:
$135,000 – $165,000
The Ennoble First pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered include the responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, and applicable laws.
Equal Employment Opportunity
Ennoble First is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to any characteristic protected by law.
E‑Verify Participation
Ennoble First participates in E‑Verify. Learn more at www.dhs.gov/E-Verify. Ennoble First is committed to providing a diverse and inclusive work environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
E-Verify is a registered trademark of the U.S. Department of Homeland Security.