?? DO NOT APPLY IF YOU DO NOT HAVE AN ACTIVE SECRET CLEARANCE ??

Information Systems Security Officer (ISSO)

SECURITY REQUIREMENT:

An active Secret clearance is REQUIRED for this position.

Location: Suitland, MD – Full-Time, Hybrid (2 Days On-Site / 3 Days Telework)

Salary Range: $120,000 – $125,000 annually

Who We Are

RCG is a fast-growing federal contracting firm proudly Certified™ as a Great Place to Work®. We are committed to fostering a culture of innovation, inclusion, and excellence. At RCG, we deliver technology and mission support services that help government agencies succeed. We are currently seeking an Information Assurance Engineer / Information Systems Security Officer (ISSO) to support our federal government customer in Suitland, MD. This role follows a hybrid schedule, requiring two (2) days on-site and three (3) days of telework each week.

**Due to the secure nature of this government agency, all candidates must be U.S. Citizens and able to successfully pass the required background investigation.**

The Opportunity

This role is ideal for a seasoned Information Assurance professional with strong experience supporting FISMA systems in a cloud-based environment. The ISSO will serve as a subject matter expert (SME), advising system development teams on security best practices, regulatory requirements, and compliance standards while supporting Security Assessment & Authorization (SA&A) activities for new and existing systems. The successful candidate will help maintain an appropriate security posture, manage security-related change requests, and support system authorization efforts across evolving threat landscapes.

What You’ll Do

• Serve as an Information Assurance SME for systems development projects in a cloud-based environment.
• Review proposed systems, networks, and software for potential security risks and advise on secure product selection and implementation.
• Define system scope and required level of detail for security plans and documentation.
• Manage and analyze Change Requests (CRs), assessing security impact and required updates to system posture.
• Provide Security Assessment & Authorization (SA&A) support for new and existing systems.
• Identify, develop, and maintain required security artifacts for authorization packages.
• Prepare and review System Security Plans (SSPs), including FIPS 199, FIPS 200, and E-Authentication documentation.
• Coordinate and participate in Security Test & Evaluation (ST&E) activities and review ST&E reports.
• Perform vulnerability assessment reviews and generate reports for System Owners and key stakeholders.
• Validate system hardening, patching, and compliance with applicable security requirements and checklists.
• Report status, findings, and risk posture to the Program Manager and Deputy Program Manager.

Required Qualifications

• Active Secret clearance (REQUIRED).
• U.S. Citizenship required.
• Bachelor’s degree in a technical field (e.g., Engineering, Computer Science) or 10 years of experience in IT systems engineering or IT security architecture.
• 6+ years of hands-on experience in information assurance or information security.
• Demonstrated ISSO experience supporting FISMA systems.
• Strong expertise in cloud architecture, cloud engineering, and cloud compliance.
• Ability to work in a hybrid environment (on-site and telework).
• Excellent interpersonal skills with demonstrated ability to collaborate across teams and organizations.
• Strong verbal and written communication skills in English.

Certifications (Required)

• CISSP or equivalent security certification

Desired (Not Required) Qualifications

• Experience supporting cloud systems in AWS environments.
• AWS Cloud Practitioner or Essential certification.
• Certificate of Cloud Knowledge (CCAK) Plus.
• Certified Cloud Security Professional (CCSP).

Physical Demands

The physical demands described here are representative of those required to successfully perform the essential functions of this role. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.

EEO Statement

RCG, Inc. does not discriminate against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibits discrimination against all individuals based on race, color, religion, sex, sexual orientation/gender identity, or national origin.