Information Systems Security Officer (ISSO)

Location: Annapolis Junction, MD (100% on-site)

Clearance: Active TS/SCI with Full Scope Polygraph (within the last 7 years)

About EITR Technologies

EITR Technologies was built by technologists who are still billable today. We know what it means to be on-site and on-contract in the government space, and we built the company we always wished we worked for.

We're small on purpose. You won't be five layers deep in an org chart; you'll work directly with company leadership and senior government stakeholders, and you'll have a real say in our technical direction, tooling, and culture. Good ideas here turn into actual company offerings. We offer strong pay, industry-leading benefits, and a culture with no strings attached: come to our happy hours and game nights if you want, skip them if you don't. We hire adults and treat them like it.

About the Role

We're hiring an Information Systems Security Officer (ISSO) to own the security posture of large high performance computing environments supporting national security missions. The scale of compute, storage, and interconnect in these environments is unusual even by HPC standards, which makes the security work genuinely interesting: you'll be accrediting and monitoring systems that don't fit neatly into standard checklists.

You'll be responsible for keeping mission systems compliant and accredited through their full life cycle: new capability standing up, production systems evolving through upgrades and modernization, and emerging technologies moving from lab evaluation onto mission networks. The work involves close collaboration with government security officials, system administrators, engineers across multiple disciplines, and program leadership, and your assessments directly shape what gets fielded and when.

What You'll Do

  • Develop, maintain, and update System Security Plans (SSPs), Risk Assessment Reports, C&A packages, and Security Requirements Traceability Matrices (SRTMs) for classified HPC systems

  • Execute the NIST Risk Management Framework (RMF) end to end: control selection, implementation evidence, assessment support, POA&M management, and continuous monitoring

  • Conduct and coordinate vulnerability assessments and security scans, working with system administrators to prioritize and verify remediation

  • Perform security auditing and log review across classified systems, investigating anomalies and reporting findings

  • Enforce security policy and configuration management: reviewing proposed system changes for security impact and ensuring baselines stay accreditation-compliant through upgrades

  • Manage user authentication and account lifecycle processes, including access reviews and privileged account oversight

  • Support the accreditation of new and emerging technologies as they transition from lab evaluation to operational networks

  • Serve as the day-to-day security point of contact for your systems, coordinating with ISSMs, government assessors, and authorizing officials, and supporting incident response when needed

Required Qualifications

  • Bachelor's degree and 5+ years of experience as an ISSO supporting information assurance, compliance, accreditation, and operational security within classified environments, or 9+ years of relevant experience in lieu of a degree

  • Working knowledge of the NIST Risk Management Framework (RMF) and hands-on experience producing accreditation artifacts (SSPs, Risk Assessment Reports, C&A packages, SRTMs)

  • Experience with vulnerability assessments, security auditing, and configuration management in classified system environments

  • Experience with security policy enforcement, user authentication, and classified system operations

  • DoD 8570 IAT Level I certification (e.g., A+ CE, Network+ CE, SSCP) — current, or ability to obtain prior to start

  • Active TS/SCI clearance with Full Scope Polygraph completed within the last 7 years

Nice to Have

  • Experience supporting security accreditation for HPC, Linux, or large-scale storage environments

  • Familiarity with eMASS, XACTA, or similar RMF workflow and package management tools

  • Experience with SCAP tools, ACAS/Nessus, and STIG compliance validation

  • Familiarity with continuous monitoring and ongoing authorization approaches in DoD/IC environments

  • Experience supporting security assessments of emerging or non-standard technologies (lab environments, pre-production systems)

  • Scripting or automation experience (Bash, Python) for audit collection or compliance reporting

Growth

This role is a strong fit for an ISSO who wants to work on systems most security professionals never see. You'll be working alongside senior engineers and security staff who have run large mission programs, and at a company our size, the path from ISSO to ISSM, security architect, or customer-facing roles is short and based entirely on performance.

Previous
Previous

HPC Systems Engineer

Next
Next

Information Systems Security Engineer