Information Systems Security Officer - Senior job at MTSI - Modern Technology Solutions, Inc. in Dayton, OH

Title: Information Systems Security Officer (ISSO) - Senior Location: Dayton, OH United States Hybrid Job Description: Modern Technology Solutions Inc. is seeking a highly experienced Information Systems Security Officer (ISSO) to lead cybersecurity efforts for an AFLCMC program office. This role focuses on ensuring compliance with laws, regulations, and security requirements while implementing strategic and technical cybersecurity solutions. Responsibilities include assessing system confidentiality, integrity, and availability, evaluating threats and vulnerabilities, developing Plans of Action and Milestones (POA&M), and submitting authorization packages. Additionally, the ISSO will collaborate with development teams to design, integrate, and enhance information systems while recommending mitigation strategies for emerging security challenges. The ideal candidate will bring expertise in the Risk Management Framework (RMF), system administration, and program management. This hybrid position requires managing systems at the Secret, SCI, and SAP levels while balancing strategic governance and hands-on technical maintenance. The candidate must effectively engage with stakeholders ranging from end-users to Authorizing Officials (AO) while maintaining a resilient cybersecurity posture in response to evolving threats. Responsibilities:

• Security Policy Implementation: Develop, implement, and enforce security policies, standards, and procedures to ensure the protection of information systems.
• Configuration Management: Ensure that all information systems are configured securely according to organizational policies and best practices.
• System Patching: Perform system patching in response to IAVAs and other security findings and requirements

Why is MTSI known as a Great Place to Work? Interesting Work: Our co-workers support some of the most important and critical programs to our national defense and security. Values: Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry. 100% Employee Owned: We have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year. Great Benefits - Most Full-Time Staff Are Eligible for: Starting PTO accrual of 20 days PTO/year + 10 holidays/year Flexible schedules 6% 401k match with immediate vesting up to $9k annually Semi-annual bonus eligibility (July and December) Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account Up to $10,000 in annual educational reimbursement Other company funded benefits, like life and disability insurance Optional zero deductible Blue Cross/Blue Shield health insurance plan

• Risk Management: Conduct risk assessments to identify and mitigate potential security threats. Assess the impact of changes in the IT environment and update the risk management framework accordingly.
• Security Compliance: Ensure that information systems comply with relevant government and industry standards, such as NIST, FISMA, and DoD regulations. Prepare and maintain documentation to demonstrate compliance.
• Continuous Monitoring: Implement continuous monitoring processes to detect and respond to security vulnerabilities and threats. Utilize tools like SIEM (Security Information and Event Management) to monitor system activities.
• Security Audits: Conduct regular security audits and assessments to evaluate the effectiveness of security measures and identify areas for improvement.
• Collaboration: Work closely with other IT and security professionals to ensure a coordinated approach to cybersecurity. Liaise with external stakeholders, such as auditors and regulatory bodies, as needed.
• Documentation: Maintain comprehensive documentation of security policies, procedures, and measures taken to secure information systems. Prepare reports for management on security status and incidents.
• Security Enhancements: Recommend and implement security enhancements to improve the overall security posture of the organization. Stay updated with the latest security trends and technologies.
• Oversee the efforts of less senior staff and/or be responsible for the efforts of all staff assigned to a specific job.

Qualifications:

• Security Clearance:

o Must be a U.S. Citizen o Active Top-Secret Security Clearance with ability to obtain SCI

• Certifications and Technical Expertise/Experience:

o Certifications required: COMPTIA Security + / CISSP o DESIRED AWS certification (e.g., AWS Solutions Architect Associate or Professional)

• Education:

o A Master of Arts/Master of Science/Master of Engineering MA/MS/ME degree o Years of experience may be considered in lieu of a masters degree

• Experience:

o Have no less than three (3) years’ experience in a Special Access Program (SAP) and/or Sensitive Compartmented Information (SCI) environment within the last five (5) years o Possess minimum of 10 years of relevant work experience o Minimum of 2-5 years of experience in ISSO roles o Proficiency in using security tools and technologies, such as firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection. o Knowledge of network security, application security, and endpoint security principles. o Understanding of operating systems (Windows, Linux, etc.) and their security configurations. o Familiarity with cloud security best practices o Familiarity with RMF process o Experience with Spunk or other similar applications o Experience with security compliance and regulatory requirements. o Strong analytical and problem-solving abilities. o Capability to analyze complex security issues and develop practical solutions. o Excellent written and verbal communication skills. o Ability to effectively communicate technical information to non-technical stakeholders o Experience working in a DoD program or product acquisition office or environment

• Technical Expertise:

o Proficiency with Windows, Linux, and/or VMware administration. o Knowledge of network security principles and tools. o Experience with DISA STIG implementation, RMF compliance processes, and vulnerability assessment tools (Nessus, Splunk, HBSS).

• Desired Qualifications:

o In-depth experience supporting government environments, especially within the DoD. o Advanced scripting skills for task automation (e.g., PowerShell, Python). o Ability to multitask, prioritize, and manage time efficiently o Experience working in a DoD program or product acquisition office or environment #LI-DI #MTSI-Jobs Why is MTSI known as a Great Place to Work? Interesting Work: Our co-workers support some of the most important and critical programs to our national defense and security. Values: Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry. 100% Employee Owned: We have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year. Great Benefits - Most Full-Time Staff Are Eligible for: Starting PTO accrual of 20 days PTO/year + 10 holidays/year Flexible schedules 6% 401k match with immediate vesting up to $9k annually Semi-annual bonus eligibility (July and December) Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account Up to $10,000 in annual educational reimbursement Other company funded benefits, like life and disability insurance Optional zero deductible Blue Cross/Blue Shield health insurance plan Apply tot his job Apply To this Job