Cleared On Site Information Systems Security Officers (ISSO) (5359)
SMX is seeking a highly experienced Information System Security Officer (ISSO) – Sr to support a mission-critical federal program in Washington, DC. This individual will serve as a senior cybersecurity professional and trusted advisor responsible for ensuring the security, compliance, and operational integrity of enterprise information systems supporting critical mission functions. The selected candidate will function as the principal advisor to System Owners (SOs), Business Process Owners, Information System Security Managers (ISSMs), and cybersecurity leadership on all matters involving information system security. This role requires extensive experience implementing and maintaining security controls, supporting Risk Management Framework (RMF) activities, leading authorization efforts, and providing technical guidance across multiple systems and projects. The ISSO – Sr will serve as a technical expert responsible for evaluating security posture, mitigating risk, recommending security improvements, and ensuring compliance with federal cybersecurity requirements. This position is on site in Washington, DC and requires an active TS/SCI clearance.
Essential Duties & Responsibilities:
- Serve as the principal security advisor to System Owners (SOs), Business Process Owners, ISSMs, and program leadership on matters related to information system security
- Lead implementation, maintenance, and continuous improvement of security controls across enterprise systems and applications
- Direct and coordinate RMF activities including system categorization, control implementation, security assessments, authorization activities, and continuous monitoring
- Develop, review, and maintain System Security Plans (SSPs), POA&Ms, Security Assessment Plans, security procedures, and related authorization documentation
- Evaluate system security posture and recommend corrective actions to address risks, vulnerabilities, and compliance deficiencies
- Lead security reviews and assessments to validate implementation and effectiveness of security controls
- Coordinate with engineers, system administrators, developers, and government stakeholders to ensure security requirements are integrated throughout the system lifecycle
- Support Authorization to Operate (ATO) activities and ongoing authorization maintenance efforts
- Direct vulnerability management activities including identification, remediation tracking, risk assessment, and validation of corrective actions
- Review and validate access control implementations, privileged account management, hardware inventories, software inventories, and security configurations
- Develop security reports, dashboards, metrics, and recommendations for government leadership
- Support audit activities, compliance reviews, inspections, and security assessments conducted by internal and external organizations
- Provide guidance regarding physical and logical protection of information system assets
- Evaluate security program effectiveness and recommend improvements to policies, procedures, and operational practices
- Support incident response, security investigations, and remediation activities as required
- Lead major security initiatives and provide mentorship and guidance to junior cybersecurity personnel
- Advise leadership on emerging threats, cybersecurity risks, and security modernization opportunities
Required Skills & Experience
- Active TS/SCI clearance required
- Minimum of 8 years of professional experience supporting cybersecurity, information assurance, RMF, or information system security activities
- Demonstrated experience serving as an ISSO, ISSM support resource, cybersecurity lead, or senior security practitioner within a federal environment
- Extensive experience supporting Risk Management Framework (RMF) activities and Authorization to Operate (ATO) processes
- Experience developing and maintaining SSPs, POA&Ms, Security Assessment Plans, authorization artifacts, and related security documentation
- Strong knowledge of NIST 800-53, NIST 800-37, FISMA, and federal cybersecurity requirements
- Experience implementing, assessing, and maintaining security controls across enterprise information systems
- Experience supporting continuous monitoring programs, vulnerability management, and compliance initiatives
- Experience evaluating system security risks and developing risk-based mitigation strategies
- Experience supporting audits, assessments, inspections, and compliance reviews
- Strong understanding of access control management, security documentation, risk assessment, and security operations
- Strong analytical, troubleshooting, and problem-solving skills
- Ability to communicate technical security concepts to technical and non-technical audiences
- Strong written and verbal communication skills
- Ability to work independently while managing multiple priorities and supporting complex security initiatives
Desired Skills & Experience
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or related field
- Advanced degree preferred
- Experience supporting federal government, law enforcement, intelligence community, or national security programs
- Experience supporting cloud environments and cloud security compliance requirements
- Experience supporting Governance, Risk, and Compliance (GRC) platforms and security workflow management solutions
- Familiarity with enterprise cybersecurity tools including:
  - Splunk
  - Tenable Nessus
  - Security Center
  - SIEM Platforms
  - Vulnerability Management Tools
  - Endpoint Detection and Response (EDR) Solutions
- Experience supporting Zero Trust initiatives and cybersecurity modernization efforts
- Familiarity with Agile delivery methodologies and DevSecOps practices
- One or more of the following certifications preferred:
  - CISSP
  - CAP (Certified Authorization Professional)
  - CISM
  - CASP+
  - CCSP
  - Security+
  - GSEC
  - Other relevant cybersecurity certifications
- Experience supervising, mentoring, or leading cybersecurity teams preferred
Application Deadline: 9-4-2026
The SMX salary determination process takes into account a number of factors, including but not limited to, geographic location, Federal Government contract labor categories, relevant prior work experience, specific skills, education and certifications. At SMX, one of our Core Values is to Invest in Our People so we offer a competitive mix of compensation, learning & development opportunities, and benefits. Some key components of our robust benefits include health insurance, paid leave, and retirement.
The proposed salary for this position is:
$105,200—$176,900 USD
At SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.
We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what’s possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.
SMX is an Equal Opportunity employer including disabilities and veterans.
Selected applicant may be subject to a background investigation and/or education verification.
SMX does not sponsor a new applicant for employment authorization or immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer).
Job Details
Salary
$105,200 – $176,900/yr
Experience
Staff · 8+ yrs