At a Glance
- Tasks: Ensure the security of information systems and implement federal cybersecurity frameworks.
- Company: Join a leading tech firm supporting critical U.S. government agencies.
- Benefits: Competitive salary, health benefits, and opportunities for professional growth.
- Why this job: Make a real difference in cybersecurity while working on impactful projects.
- Qualifications: Bachelor's degree with extensive IT security experience and a current SECRET clearance.
- Other info: Fast-paced environment with excellent career advancement opportunities.
The predicted salary is between 60000 - 80000 £ per year.
SAIC is seeking a Senior Information Systems Security Officer (ISSO) to support a critical U.S. government agency in the Hampton Roads area. This senior‑level role is responsible for ensuring the security and compliance of agency information systems by implementing and managing security controls aligned with federal cybersecurity frameworks, including the NIST Risk Management Framework (RMF), FISMA, and NIST SP 800‑53. This role will be directly involved in the accreditation, maintenance, and reaccreditation of the Authority to Operate (ATO) of multiple platforms, in direct support of the Information System Security Manager (ISSM) and senior cybersecurity leadership. This is an in‑person, on‑site position with a standard work week in Hampton, VA, with little to no remote work authorized.
Responsibilities:
- Develop, implement, and maintain IT security controls in accordance with NIST SP 800‑53, RMF, and agency security policies.
- Support the preparation, review, and submission of Security Authorization packages, including the System Security Plan (SSP), Security Assessment Report (SAR), and Plan of Action and Milestones (POA&M).
- Coordinate and prepare systems for Security Control Assessments (SCA), ensuring all artifacts are accurate and complete.
- Conduct and document Security Impact Analyses (SIAs) for changes to hardware, software, cloud infrastructure, or connectivity.
- Participate in configuration and change control processes, ensuring secure baselines are maintained and reflected in documentation.
- Assist in system categorization and validate asset inventories to ensure appropriate control baselines are applied.
- Assess control implementation effectiveness and identify deficiencies for remediation or risk acceptance.
- Document business justifications and mitigation strategies for risk acceptance proposals for Authorizing Officials.
- Support Continuous Monitoring by reviewing security alerts, system changes, and compliance evidence to ensure ongoing authorization.
- Contribute to the development, revision, and enforcement of security policies, procedures, and technical guidelines.
- Participate in internal IT governance processes, including exception handling, standards reviews, and control waivers.
- Support security awareness and training compliance for personnel with system access.
- Monitor evolving threats and recommend adaptive security controls in response to risk landscape changes.
- Prepare high‑quality technical documentation, status reports, and risk briefings for internal and external stakeholders.
Qualifications:
- Bachelor's degree and 9+ years of IT security or systems security engineering experience, or Master's degree with 7+ years of experience.
- Hold a current SECRET clearance with the ability to obtain and maintain a TS/SCI.
- Hands‑on experience implementing and managing security controls in enterprise or federal IT environments.
- Strong understanding of the NIST RMF, NIST SP 800‑53, FISMA, and federal security policies including EO 14028 and OMB M‑22‑09.
- Experience applying the above policies to environments or enterprises in all levels of classification.
- Experience performing risk assessments, preparing ATO documentation, and tracking control deficiencies in POA&M.
- Experience with GRC and SA&A tools such as eMASS or Xacta.
- Working knowledge of cloud security (AWS, Azure) and hybrid or multi‑cloud environments.
- Proficient in network and system security concepts, including IDS/IPS, VPNs, encryption, secure baselining, and OS hardening.
- Experience supporting third‑party security assessments or audits.
- Strong documentation, reporting, and communication skills, including the ability to convey complex technical issues to non‑technical audiences.
- Proficient in Office365 (Word, Excel, PowerPoint, etc.).
Preferred Qualifications:
- Current cybersecurity certification such as CISSP, CISM, or SecurityX; CISSP preferred.
- Familiarity with FedRAMP, cloud compliance requirements, and federal privacy regulations.
- Knowledge of OWASP Top 10 and modern application security best practices.
- Understanding of adversary TTPs and frameworks such as MITRE ATT&CK.
- Ability to work independently and manage priorities in a fast‑paced, dynamic environment.
Information Systems Security Officer in Hampton employer: SAIC
Contact Detail:
SAIC Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Information Systems Security Officer role in Hampton
✨Tip Number 1
Network like a pro! Attend industry events, meetups, or webinars related to cybersecurity. Connecting with professionals in the field can open doors and give us insider info on job openings that might not be advertised.
✨Tip Number 2
Prepare for interviews by brushing up on your technical knowledge and soft skills. We should practice common interview questions and scenarios specific to information systems security. Role-playing with a friend can help us feel more confident!
✨Tip Number 3
Showcase our expertise! Create a portfolio or a personal website where we can highlight our projects, certifications, and any relevant experience. This gives potential employers a tangible way to see what we bring to the table.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure our application gets noticed. Plus, we can tailor our application to align with the specific needs of the role, making it stand out even more.
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Information Systems Security Officer role. Highlight your experience with NIST RMF, FISMA, and any relevant security controls you've implemented. We want to see how your skills align with what we're looking for!
Showcase Your Experience: When detailing your work history, focus on your hands-on experience in IT security and systems security engineering. Mention specific projects where you’ve developed or maintained security controls, as this will really catch our eye. We love seeing real-world examples!
Be Clear and Concise: Keep your application clear and to the point. Use bullet points for your achievements and responsibilities to make it easy for us to read. Remember, we’re looking for strong documentation skills, so show us you can communicate effectively right from the start!
Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it gives you a chance to explore more about StudySmarter and what we stand for!
How to prepare for a job interview at SAIC
✨Know Your Frameworks
Make sure you brush up on the NIST Risk Management Framework and NIST SP 800-53. Be ready to discuss how you've implemented these in past roles, as well as any challenges you faced and how you overcame them.
✨Prepare Your Documentation
Familiarise yourself with Security Authorization packages like the System Security Plan (SSP) and Security Assessment Report (SAR). Bring examples of your previous work or be prepared to explain how you would approach these documents in this role.
✨Showcase Your Technical Skills
Be ready to talk about your hands-on experience with security controls, especially in federal IT environments. Highlight your knowledge of cloud security and tools like eMASS or Xacta, as these will be crucial for the position.
✨Communicate Clearly
Since you'll need to convey complex technical issues to non-technical audiences, practice explaining your past projects in simple terms. This will demonstrate your communication skills and ability to work with diverse teams.