This job requires an active Top Secret / SCI clearance with CI Polygraph. Please apply only if you currently hold an active Top Secret clearance with SCI and a CI Polygraph.
North Point Technology is hiring an Information System Security Officer (ISSO) to own, harden, and scale the security posture of NGA’s Chinook enterprise. You’ll drive RMF/ICD-503 A&A to ATO, lead vulnerability management across multiple enclaves, and ship pragmatic controls that safeguard GEOINT systems and accelerate mission delivery.
Location: Gaithersburg, MD (onsite; primary program location)
Clearance: Top Secret with SCI eligibility; able to obtain Polygraph
Responsibilities
Lead RMF/ICD-503 Assessment & Authorization (A&A) activities; coordinate with NGA DAOs/DAORs to achieve/maintain ATO.
Maintain security documentation (SSPs, POA&Ms, SIA/SIAs, CONOPS, ITDR) in Service+ (ServiceNow), XACTA/XACTA 360, and NPT/CIO tools.
Drive security changes via steering groups/review boards; track milestones and risk burn-down.
Perform/control testing of security controls; assess Zero Trust/defense-in-depth effectiveness and compliance with IC/DoD/NIST/DISA standards.
Operate the vulnerability management program across (U)/(S)/(TS) enclaves using Nessus and Tenable-ACAS; analyze results, prioritize fixes, verify mitigations, and manage POA&M status.
Advise lab and operations teams on secure SDLC, hardening (e.g., STIGs), and best practices; resolve complex security issues.
Address IA/cyber directives, vulnerability and patch tasking; document changes, upgrades, and connectivity configurations.
Provide user training; manage access provisioning and IAA (identification, authentication, authorization).
Collaborate with Systems Engineers/Admins, Senior ISSO/ISSMs, Lab Team, and Corporate Security to sustain an effective security posture.
Basic Qualifications
U.S. citizenship (per contract).
BS degree and 8–12 years of relevant ISSO/ cybersecurity experience.
Demonstrated application of ICD-503 and NIST RMF; familiarity with customer mission/security operations.
Experience with: XACTA (XACTA 360 preferred), HBSS, ACAS, Nessus, Splunk.
Strong written/verbal communication; ability to brief leadership and lead cross-functional efforts.
Preferred Qualifications
3+ years operating/analyzing vulnerability scans (Nessus, Tenable Security Center or similar) with proven remediation outcomes.
Active CISSP or CISM.
Intelligence Community experience; knowledge of AWS/C2S and modern Zero Trust implementations.
North Point Technology is THE BEST place to work for curious-minded engineers motivated to support our country’s most crucial missions! We focus on long term projects, leveraging the latest technology in support of innovative solutions to solve our customer’s most difficult problems.
At North Point Technology, EMPLOYEES come first! We value our employees by providing excellent compensation, benefits, and a flexible work-life balance. We strive for a close-knit and open atmosphere where the owners are always directly available to our team members.
Come join us! Apply with North Point Technology today!