
Information System Security Officer

Woods Hole Oceanographic Institution
United States, Massachusetts, Woods Hole
Oct 03, 2025

Job Summary

Job Description

Woods Hole Oceanographic Institution is searching for a highly skilled and cleared Information System Security Officer (ISSO) / Classified Systems Information Assurance Analyst to join our team, focusing exclusively on the security of classified information systems and networks. This critical role is responsible for ensuring the confidentiality, integrity, and availability of sensitive government information in accordance with stringent U.S. government (USG) security directives.

The ISSO will be instrumental in the authorization and accreditation (A&A) process, continuous monitoring, incident response, and the implementation of robust security controls for classified environments. The ideal candidate will possess a deep understanding of relevant security frameworks, policies, and a proven track record of maintaining secure classified systems. This is a regular, full-time, exempt position, and is eligible for full benefits.

ESSENTIAL FUNCTIONS

Authorization & Accreditation (A&A) / Risk Management Framework (RMF):

  • Lead or support the development, review, and submission of comprehensive security authorization packages (e.g., System Security Plans (SSPs), Risk Assessment Reports, Contingency Plans, Plan of Action and Milestones (POA&Ms)) for classified systems.

  • Ensure all classified systems maintain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC) in accordance with RMF or legacy A&A processes (e.g., DIACAP).

  • Interpret and apply USG security policies, regulations, and guidelines, including but not limited to: NISPOM, DoD Instruction 8500.01, NIST SP 800-53, DCID 6/3, ICD 503, JSIG, and DISA STIGs.

Security Control Implementation & Enforcement:

  • Design, implement, and maintain security controls specific to classified systems, including secure configurations, access controls, auditing, media control, and classified spillage prevention/response.

  • Configure and manage specialized security tools relevant to classified environments (e.g., Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), Data Loss Prevention (DLP) solutions).

  • Perform rigorous hardening of operating systems (Windows, Linux), applications, and network devices based on DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).

Vulnerability Management & Continuous Monitoring:

  • Conduct vulnerability scans, analyze results, and work with system administrators to remediate security weaknesses on classified systems.

  • Oversee and perform continuous monitoring activities, including reviewing audit logs, security events, and system alerts for anomalous behavior.

  • Track and ensure compliance with Information Assurance Vulnerability Management (IAVM) directives.

Incident Response & Classified Spillage:

  • Act as a primary point of contact and lead for security incidents and classified spillage events on assigned systems.

  • Execute incident response procedures, including containment, eradication, recovery, and detailed reporting to relevant government authorities.

  • Participate in forensic investigations as required for classified incidents.

Compliance & Audit Support:

  • Maintain meticulous documentation of all security artifacts, configurations, policies, and procedures for classified systems.

  • Support internal and external security inspections, audits, and assessments by government agencies (e.g., DCSA, DSS, NSA).

  • Develop and implement standard operating procedures (SOPs) for the secure operation of classified systems.

User Training & Guidance:

  • Provide guidance and training to users on proper handling, marking, and safeguarding of classified information and operation of classified systems.

  • Ensure all personnel accessing classified systems meet training requirements (e.g., security awareness, insider threat).

Configuration Management:

  • Manage and control changes to the hardware, software, and firmware of classified systems to maintain their security posture and accreditation.

MINIMUM QUALIFICATIONS

Security Clearance:

  • Active U.S. Government Security Clearance required at the SECRET level or above.

Education:

  • Bachelor's degree in Computer Science, Information Security, Cybersecurity, or equivalent experience.

Experience:

  • 5 years of dedicated experience in Information Assurance/Cybersecurity within classified government or defense environments.

  • Demonstrable expertise in the Risk Management Framework (RMF) or equivalent A&A processes (e.g., DIACAP).

  • Hands-on experience with security tools and technologies used in classified environments (e.g., ACAS, HBSS, SIEM, dedicated firewalls).

  • Proven experience with DISA STIGs and their application to various operating systems and applications.

Technical Skills:

  • Strong understanding of network protocols, operating systems (Windows, Linux/Unix), and virtualized environments in a classified context.

  • Experience with encryption technologies and COMSEC devices.

  • Knowledge of scripting languages (e.g., PowerShell, Python, Bash) for automation and auditing is a plus.

Desired Certifications:

  • CISSP (Certified Information Systems Security Professional)

  • DoD 8570.01-M IAT Level II (e.g., CompTIA Security+, CySA+, CCNA Security, SSCP) or higher (IAM Level I, II, or III).

  • GIAC Certifications relevant to incident handling, forensics, or security auditing (e.g., GCIH, GCFA, GCCC, GSNA)

Additional Job Requirements

($114,000 to $148,000)

The salary range provided for this position reflects the expected minimum and maximum base pay for new hires. Actual compensation will be determined based on factors such as relevant skills, experience, and qualifications, as well as internal equity and market conditions. In addition to base salary, eligible employees also receive a comprehensive benefits package.

WHOI accepts applications on a rolling basis: applications will be reviewed as they are received, and we encourage you to submit your application as soon as possible to ensure full consideration. While we will continue to review applications until the position is filled, early applicants may have an advantage in the selection process.

EEO Statement

Woods Hole Oceanographic Institution (WHOI) provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
