Spry Methods, Inc.
Information System Security Officer (ISSO)
Spry Methods, Inc., Huntsville, Alabama, United States, 35824
Information System Security Officer (ISSO)
Join to apply for the
Information System Security Officer (ISSO)
role at
Spry Methods, Inc.
1 day ago Be among the first 25 applicants
Who We’re Looking For (Position Overview):
This role is critical in ensuring the security posture of mission‑critical applications and infrastructure across multiple network enclaves (Unclassified, Secret, Top Secret). The ISSO will be responsible for developing, maintaining, and enforcing security policies, implementing cybersecurity controls, managing Authority to Operate (ATO) documentation, and conducting continuous monitoring and risk assessments in compliance with FISMA, NIST, DOJ, and other federal mandates.
Position Responsibilities
Serve as the principal cybersecurity advisor to system owners and stakeholders
Design, analyze, and test information security systems, products, cloud architectures and cloud solutions
Provide recommendations and/or alternatives to mitigate impact of system security boundary changes as part of any potential re‑architecting and/or re‑design activities
Develop, implement, and evaluate security controls, measures, and frameworks in cloud‑based systems to ensure data integrity, confidentiality, and availability
Perform risk analysis, vulnerability assessments, and security audits to identify and address potential weaknesses in cloud environments
Follow all appropriate security authorization process for requesting and maintaining an Authority to Operate (ATO)
Responsible for ensuring operational security is maintained for assigned information systems
Ensure systems are operated, maintained, disposed of in accordance with security policies and practices
Perform Security Incident Reporting and Response
Coordinate with the Office of the Chief Information Officer (OCIO), Security Division, and others to provide documentation to the system Certification and Accreditation process
Ensure audits and reviews are responded to with accurate information
Perform system access control responsibilities
Participate in the change management process for assigned applications
Work with Product Owner, Product Manager, OCIO, Security Division, and other stakeholders to ensure security concerns are addressed during all phases of system lifecycle
Perform continuous system security monitoring
Implement and manage cloud‑native and third‑party security tools for monitoring, threat detection and vulnerability management
Act as a SME on Cloud Security while applying methods, standards, and approaches for ensuring the baseline security safeguards are appropriately implemented and documented
Provides reports to superiors regarding effectiveness of data security and makes recommendations for the adoption of new procedures
Draft and keep updated information security documentation to include System Security Plan, Information System Contingency Plan, Plan of Actions and Milestones (POA&M), Privacy Threat Assessment, Privacy Impact Assessment, and Configuration Management Plan
Responsible for ensuring the implementation and maintenance of annual security controls assessments
Assist with FISMA System audits as necessary. Leverage necessary vulnerability assessment and scanning tools including Nessus and ACSA to identify vulnerabilities, Splunk tools to monitor, detect and rectify misconfigurations
Working directly with development, platform, and infrastructure teams on security problems
Minimum Requirements
Top Secret (TS) Clearance with SCI eligibility
3 - 5 years of experience required
Extensive experience with federal cybersecurity frameworks, including RMF, NIST 800-53, CNSS, and FISMA
Experience supporting cloud security in environments such as AWS GovCloud, C2S, SC2S, and Microsoft Azure
Analyze logs using Splunk and AWS tools
Hands‑on experience with vulnerability assessment and configuration tools such as Nessus, ACSA, and Splunk
Work with GRC tools such as Xacta/JCAM
Hold at least one of the following security certifications. Example: Security +, CGRC, CASP, CISSP
Experience using Atlassian suite tools such as JIRA/CONFLUENCE
Experience with Agile Methodologies/SAFe
Expertise on Information Security Principles, processes and guidelines
Able to obtain and maintain an Authority to Operate (ATO) for Information Systems
Experience with scanning tools such as Tenable Nessus
Ability to work on multiple projects with various timelines, at times very short deadlines
Preferred Qualifications
Certifications: CISSP, CISM, CAP, Security+, AWS Certified Security – Specialty, or other relevant certifications
Experience in a high‑side or multi‑enclave (U/S/TS) environment
Experience working with Agile development teams and CI/CD pipelines
Familiarity with Infrastructure as Code (IaC) and cloud configuration management tools (e.g., Terraform, Ansible)
Familiarity with NIST 800-53 Rev. 5
Seniority level Not Applicable
Employment type Full‑time
Job function Information Technology
Referrals increase your chances of interviewing at Spry Methods, Inc. by 2x
Location: Huntsville, AL
Salary: $110,000.00-$130,000.00
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
#J-18808-Ljbffr
Information System Security Officer (ISSO)
role at
Spry Methods, Inc.
1 day ago Be among the first 25 applicants
Who We’re Looking For (Position Overview):
This role is critical in ensuring the security posture of mission‑critical applications and infrastructure across multiple network enclaves (Unclassified, Secret, Top Secret). The ISSO will be responsible for developing, maintaining, and enforcing security policies, implementing cybersecurity controls, managing Authority to Operate (ATO) documentation, and conducting continuous monitoring and risk assessments in compliance with FISMA, NIST, DOJ, and other federal mandates.
Position Responsibilities
Serve as the principal cybersecurity advisor to system owners and stakeholders
Design, analyze, and test information security systems, products, cloud architectures and cloud solutions
Provide recommendations and/or alternatives to mitigate impact of system security boundary changes as part of any potential re‑architecting and/or re‑design activities
Develop, implement, and evaluate security controls, measures, and frameworks in cloud‑based systems to ensure data integrity, confidentiality, and availability
Perform risk analysis, vulnerability assessments, and security audits to identify and address potential weaknesses in cloud environments
Follow all appropriate security authorization process for requesting and maintaining an Authority to Operate (ATO)
Responsible for ensuring operational security is maintained for assigned information systems
Ensure systems are operated, maintained, disposed of in accordance with security policies and practices
Perform Security Incident Reporting and Response
Coordinate with the Office of the Chief Information Officer (OCIO), Security Division, and others to provide documentation to the system Certification and Accreditation process
Ensure audits and reviews are responded to with accurate information
Perform system access control responsibilities
Participate in the change management process for assigned applications
Work with Product Owner, Product Manager, OCIO, Security Division, and other stakeholders to ensure security concerns are addressed during all phases of system lifecycle
Perform continuous system security monitoring
Implement and manage cloud‑native and third‑party security tools for monitoring, threat detection and vulnerability management
Act as a SME on Cloud Security while applying methods, standards, and approaches for ensuring the baseline security safeguards are appropriately implemented and documented
Provides reports to superiors regarding effectiveness of data security and makes recommendations for the adoption of new procedures
Draft and keep updated information security documentation to include System Security Plan, Information System Contingency Plan, Plan of Actions and Milestones (POA&M), Privacy Threat Assessment, Privacy Impact Assessment, and Configuration Management Plan
Responsible for ensuring the implementation and maintenance of annual security controls assessments
Assist with FISMA System audits as necessary. Leverage necessary vulnerability assessment and scanning tools including Nessus and ACSA to identify vulnerabilities, Splunk tools to monitor, detect and rectify misconfigurations
Working directly with development, platform, and infrastructure teams on security problems
Minimum Requirements
Top Secret (TS) Clearance with SCI eligibility
3 - 5 years of experience required
Extensive experience with federal cybersecurity frameworks, including RMF, NIST 800-53, CNSS, and FISMA
Experience supporting cloud security in environments such as AWS GovCloud, C2S, SC2S, and Microsoft Azure
Analyze logs using Splunk and AWS tools
Hands‑on experience with vulnerability assessment and configuration tools such as Nessus, ACSA, and Splunk
Work with GRC tools such as Xacta/JCAM
Hold at least one of the following security certifications. Example: Security +, CGRC, CASP, CISSP
Experience using Atlassian suite tools such as JIRA/CONFLUENCE
Experience with Agile Methodologies/SAFe
Expertise on Information Security Principles, processes and guidelines
Able to obtain and maintain an Authority to Operate (ATO) for Information Systems
Experience with scanning tools such as Tenable Nessus
Ability to work on multiple projects with various timelines, at times very short deadlines
Preferred Qualifications
Certifications: CISSP, CISM, CAP, Security+, AWS Certified Security – Specialty, or other relevant certifications
Experience in a high‑side or multi‑enclave (U/S/TS) environment
Experience working with Agile development teams and CI/CD pipelines
Familiarity with Infrastructure as Code (IaC) and cloud configuration management tools (e.g., Terraform, Ansible)
Familiarity with NIST 800-53 Rev. 5
Seniority level Not Applicable
Employment type Full‑time
Job function Information Technology
Referrals increase your chances of interviewing at Spry Methods, Inc. by 2x
Location: Huntsville, AL
Salary: $110,000.00-$130,000.00
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
#J-18808-Ljbffr