Information System Security Officer (ISSO)/Incident Response Analyst (15.28)

Information System Security Officer (ISSO) / Incident Response Analyst

OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.

Responsibilities and Duties

OCT currently has an opening for an Information System Security Officer (ISSO) / Incident Response Analyst to work with our federal client. This hybrid role may require some onsite presence as the client desires for meetings and system support.

This position is contingent upon contract award.

Day to day responsibilities include:

● Serve as a ISSO responsible for maintaining the appropriate operational security posture for assigned IT systems in accordance with DoDI 8500.01, AFI 17-101, and AFMAN 17-1301.

● Carry out RMF activities at the organizational, mission, business process, and information system levels to support enterprise-wide cybersecurity risk management.

● Support system security categorization using NIST SP 800-60 Volume 2 and FIPS 199, applying government-provided formats and guidance.

● Prepare and maintain system registration artifacts, system descriptions, and the System Security Plan (SSP) throughout the system lifecycle.

● Implement and manage the technical and procedural security controls defined in NIST SP800-53 Rev. 5, ensuring controls are documented and traceable within the SSP.

● Support configuration management and maintain documentation related to change requests, baselines, waivers, and implementation status.

● Maintain Plan of Action and Milestones (POA&Ms), track remediation progress, and ensure timely updates to risk mitigation activities.

● Create, maintain, and conduct annual reviews of the Incident Response Plan, associated SOPs, and system-level security documentation.

● Respond to cybersecurity incidents in accordance with the Government-approved Incident Response Plan, performing Tier 1/2 response actions, documentation, escalation, and coordination with cybersecurity teams.

● Develop and maintain cybersecurity documentation deliverables including:

o Memorandums of Understanding (MOUs)

o Interconnection Security Agreements (ISAs)

o Decommissioning Security Status Reports

o Impact Assessment Reports

o Incident Response Plans and Procedures

o Risk Assessments and SOPs

● Coordinate with system owners, administrators, developers, and cybersecurity staff to ensure continuous authorization and risk awareness.

● Ensure all RMF documentation and entries in eMASS are current, complete, and aligned with compliance requirements.

● Participate in system assessments, control evaluations, and briefings, supporting the ISSM in managing risk posture and authorization status.

Qualifications/Requirements

● Must be a U.S. Citizen

● Bachelor of Science degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an Accreditation Board for Engineering and Technology (ABET) accredited or Certified Association Executive (CAE) designated institution preferred.

● At least four years of relevant work experience preferably as an ISSO within the United States Air Force (USAF) or a similar environment.

● Familiarity with eMASS, ACAS, and DoD incident response procedures

● Required Certifications: Security+ or SSCP + CBROPS or PenTest+

● Must hold Active Tier 3 (secret) security clearance.

● Proximity to USAF Academy, CO 80840 a plus

Benefits

OCT offers competitive compensation packages and a full suite of benefits which includes:

● Medical, Dental, and Vision insurance

● Retirement savings 401K plan provided by an industry leading provider with 3% employer contributions of the employee’s gross salary

● Paid Time Off and Standard Government Holidays

● Life Insurance, Short- and Long-Term disability benefits

● Training Benefits

Salary Range:  $50,000- $250,000yearly commensurate with experience, education, etc.

About OCT Consulting

OCT Consulting LLC is a minority-owned, Small ​Disadvantaged Business (SDB) providing professional services and information technology solutions to the Federal government and commercial clients. Founded in 2013, we bring the advantage of agility in operations along with a management team with a track record of leading successful engagements at major Federal government agencies.

At OCT, we are committed to ensuring equal opportunity for all individuals, recognizing that merit and qualifications are the foundation of our hiring, promotion, and development practices. We believe in creating a work environment where employees can thrive based on their abilities, skills, and achievements. Our practices ensure fair treatment and equal access to opportunities for all, regardless of race, ethnicity, gender, sexual orientation, age, abilities, or other personal characteristics. We are dedicated to providing career growth and professional development based on individual merit and fostering a workplace where everyone’s contributions are valued and recognized.