What are the responsibilities and job description for the Senior Information System Security Officer position at Tyonek Native Corporation?
GENERAL DESCRIPTION
- The Senior Information System Security Officer (ISSO) is responsible for developing, maintaining, and overseeing the implementation of robust security policies, procedures, and controls for on-premises and Azure GCC High environments. This role ensures compliance with NIST 800-171 and Cybersecurity Maturity Model Certification (CMMC) Levels 1 through 3. The ISSO collaborates with stakeholders, manages security audits, and ensures the organization's security posture meets high standards.
DUTIES
- Develop, maintain, and enforce cybersecurity policies, System Security Plans (SSPs), and documentation in compliance with NIST 800-171 and CMMC requirements.
- Lead the implementation and management of security controls for on-premises and Azure GCC High environments.
- Collaborate with internal teams and external auditors to ensure successful NIST 800-171 and CMMC assessments.
- Conduct security gap analyses and implement remediation measures to achieve and maintain compliance.
- Oversee incident response and reporting processes, ensuring timely mitigation and documentation of security events.
- Provide cybersecurity training and awareness programs for employees and contractors.
- Manage and maintain compliance with DoD 8570 certification requirements.
- Act as the primary liaison for external CMMC C3PAOs and assist with certification audits.
- Perform vulnerability assessments, manage POA&Ms, and track risk mitigation efforts.
- Ensure data protection through robust encryption, access controls, and monitoring mechanisms.
- Other duties as assigned.
EDUCATION/EXPERIENCE REQUIREMENTS
- Active Secret clearance is required.
- Bachelor's degree in Cybersecurity, Information Technology, or related field.
- Minimum of 10 years of experience in IT security, compliance, and risk management.
- Advanced DoD 8570 certification (e.g., CISSP required; CISM or CRISC preferred).
- Expertise in NIST 800-171 and CMMC Levels 1-3 frameworks.
- Hands-on experience with Azure GCC High environments.
- Experience with NIST 800-171 and CMMC audits (preferred).
- Knowledge of CMMC C3PAO operations (preferred).
- CMMC Certified Professional (CCP) or CMMC Certified Assessor (CCA) preferred.
- Excellent customer support and written/verbal skills.
- Ability to grasp advanced technical principles, theories, and concepts and creatively solve problems.
- Advanced knowledge and understanding of a range of computer, networking, software systems and related technologies.
- Strong interpersonal and communication skills and the ability to work effectively. Must possess the ability to communicate technical information to non-technical personnel.
- Some after-hours and weekend work may be required.
- Must be a US Citizen.
- We maintain a drug-free workplace and perform post offer, pre-employment substance abuse testing.
PHYSICAL REQUIREMENTS
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skills, and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform essential job functions.
- Must be able to walk or stand on level and/or inclined surfaces and sit for extended periods of time.
- Must be able to routinely climb / descend stairs and/or ladders.
- On occasion must be able to lift 50 pounds.
- Must be able to routinely grasp or handle objects, use finger dexterity, bend elbows / knees, and reach above / below shoulders.
- Works in a normal office environment with controlled temperature and lighting conditions.
EQUAL OPPORTUNITY EMPLOYER/ VEVRAA/ ADA
- TNC and its subsidiaries fall under ANCSA and are entitled under Federal Law to extend hiring preferences to their shareholders. ANCSA provides TNC the authority to give shareholder preference in hiring. TNC reaffirms its belief in equal employment opportunity for all employees and applicants for employment. Tyonek is an Equal Opportunity Employer and a VEVRAA Federal Contractor who affords equal employment opportunity to protected veterans and people with disabilities. Tyonek Native Corporation provides all employees and job applicants equal employment opportunities in hiring and promotion without discrimination because of age, sex, sexual orientation, genetic information, gender identity, marital status, race, religion, color, veteran status, physical or mental disability, national origin, or any other reason prohibited by law.