Demo

(691) Mid Information Systems Security Officer

Arlo Solutions
Washington, DC Full Time
POSTED ON 7/16/2026
AVAILABLE BEFORE 8/15/2026
Company Summary

Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.

Position Description:

The Mid Information System Security Officer (ISSO) (IAM 2) will support the Defense Security Cooperation Agency (DSCA) Cybersecurity (CYBR) team by providing expertise in Risk Management Framework (RMF) activities, security control assessments, controls validation, and continuous monitoring. The role involves ensuring compliance with RMF, IT, and Federal Information System Controls Audit Manual (FISCAM) guidelines, and supporting the cybersecurity responsibilities detailed in the DSCA CYBR Service Catalog.

Work Location: DSCA HQ D.C. or Mechanicsburg PA


Responsibilities and/or Success Factors:
  • Produce all required DOD compliance documentation for RMF, Audit Response and Remediation, Cyber Task Orders, Required Scorecards, Privacy documentation, and other compliance requirements as detailed in the DSCA CYBR Service Catalog.
  • Draft and coordinate cybersecurity-related documentation to meet required standards, controls, and metrics.
  • Support all steps of the RMF process (Steps 0-6) required to gain and maintain DOD Information Network (DODIN) and agency commercial network authority to operate.
  • Assist in categorization, control selection, implementation, and tailoring support, as well as support of assessments from the ISSO role.
  • Prepare and validate controls in eMASS packages for assessment and review.
  • Ensure that control requirements are well-defined and that necessary documentation and evidence are gathered for validation and assessment.
  • Work in the DOD GRC tool Enterprise Mission Assurance Support Service (eMASS) to support control validation.
  • Conduct continuous monitoring of information systems to detect vulnerabilities, threats, and security incidents.
  • Utilize security tools and technologies to perform regular scans, assessments, and analysis of system vulnerabilities.
  • Maintain and update continuous monitoring processes and procedures to ensure they are effective and aligned with organizational requirements.
  • Assist in the configuration and maintenance of security tools and technologies provided by the CSSP.
  • Assist in the detection, analysis, and response to cybersecurity incidents.
  • Participate in incident response activities, including triage, containment, eradication, and recovery.
  • Document and report on incident response activities, providing detailed analysis and recommendations for improvement.
  • Provide support to the Watch Officer in monitoring and managing cybersecurity events and incidents.
  • Maintain situational awareness of the organization's security posture and emerging threats.
  • Assist with the performance of daily and ad hoc/on-demand vulnerability scans, monthly audit scans, and monthly discovery scans.
  • Provide weekly vulnerability compliance reporting to ISSMs.
  • Review and adjust assets, subnets, credentials, and policies to properly manage C5ISR provided Assured Compliance Assessment Solution (ACAS) solutions.
  • Track and ensure configuration compliance of Enterprise Security Services (ESS) Suite with RMF, ATO, and Inspection requirements.
  • Assist with the maintenance of completed security waiver forms in coordination with EADSD and ISSM (PMO).
  • Work with TSD to implement effective scanning, COAMS System Registration, and Continuous Monitoring Scoring (CMRS) Tagging.
  • Maintain and update Ports, Protocols, and Services Management (PPSM) records, including emergency and exception requests.
  • Support the maintenance and accuracy of DoD Allow List entries.
  • Maintain accurate and up-to-date documentation of all RMF, IT, and FISCAM controls validation activities.
  • Prepare and submit regular reports on the status of security controls, RMF activities, and DevSecOps pipeline security.
  • Provide detailed documentation and evidence to support security assessments and audits.
  • Support the maintenance and configuration needed to maintain accurate ingestion of logs from all assets.
  • Provide summaries of events/incidents, including time of event/incident, anomalous activity identified, asset names and IPs, affected users, and POC for outreach/additional actions.
  • Complete Cybersecurity Incident Reporting Forms and assist with the detection and analysis of cybersecurity events and incidents.
  • Support accurate IR POC list, accurate hardware/software and IP inventory, and accurate summary of event/incident.
  • Document efforts involved in mitigating cybersecurity-related events/incidents that occur within the enterprise.
  • Support the generation of performance monitoring reports to monitor asset availability.
  • Support the correlated agency-level POA&Ms

Minimum Qualifications Including Certificates:
  • Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field is required OR additional four (4) years of experience
  • Strong understanding of Risk Management Framework (RMF) processes and security control assessments, including experience with categorization, control selection, implementation, and assessment.
  • Minimum of two (2) years of relevant experience in cybersecurity, information assurance, or a related field.
  • Experience in IT controls validation and familiarity with Federal Information System Controls Audit Manual (FISCAM) guidelines.
  • Experience in incident response, continuous monitoring, and vulnerability management.
  • Proficiency in using security assessment tools and platforms such as eMASS (Enterprise Mission Assurance Support Service).
  • Familiarity with continuous monitoring processes and tools.
  • Experience with incident response processes and tools.
  • Knowledge of cybersecurity frameworks and standards, such as NIST, ISO 27001, and CIS Controls.

Desired Qualifications:
  • Certifications such as CSSP, CISM, CISA, CAP, Security , or equivalent is highly desirable.
  • Experience with OKTA
  • Experience as an ISSO or otherwise prior experience with IT Risk Management Framework Support.

AAP Statement

We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.

Salary.com Estimation for (691) Mid Information Systems Security Officer in Washington, DC
$92,028 to $111,281
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a (691) Mid Information Systems Security Officer?

Sign up to receive alerts about other jobs on the (691) Mid Information Systems Security Officer career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$87,093 - $107,335
Income Estimation: 
$111,725 - $147,313
Income Estimation: 
$112,673 - $137,290
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
Income Estimation: 
$87,093 - $107,335
Income Estimation: 
$111,725 - $147,313
Income Estimation: 
$112,673 - $137,290
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Arlo Solutions

  • Arlo Solutions Quantico, VA
  • Company Summary Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our rep... more
  • 8 Days Ago

  • Arlo Solutions Albuquerque, NM
  • Company Summary Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our rep... more
  • 11 Days Ago

  • Arlo Solutions Arlington, VA
  • Company Summary Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our rep... more
  • 11 Days Ago

  • Arlo Solutions Philadelphia, PA
  • Company Summary Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our rep... more
  • 1 Day Ago


Not the job you're looking for? Here are some other (691) Mid Information Systems Security Officer jobs in the Washington, DC area that may be a better fit.

  • BAE Systems Springfield, VA
  • Job Description BAE Systems Federal customer is seeking an Information Systems Security Officer (ISSO) who will be responsible for ensuring the confidentia... more
  • 9 Days Ago

  • Mantis Security Corporation Reston, VA
  • What you will be doing: Mantis Security is seeking for immediate placement a highly qualified and technical Information Systems Security Officer (ISSO) to ... more
  • 11 Days Ago

AI Assistant is available now!

Feel free to start your new journey!