Information System Security Officer (ISSO) Journeyman

Torch Technologies has an exciting opportunity for an Information System Security Officer (ISSO) Journeyman to support the Aerospace Dominance Enabler Division (AFLCMC/C3BM) at Hill AFB in Ogden Utah to support

the protection, accreditation, and ongoing security posture of Air Force information systems. In this role, you will work closely with the Information System Security Manager (ISSM) to ensure systems meet all DoD and Air Force cybersecurity requirements, align with the Risk Management Framework (RMF), and maintain the confidentiality, integrity, and availability of critical networks and data.

As a Cybersecurity Engineer, Journeyman your duties will include, but are not limited to:

• Conduct risk assessments, support accreditation activities, evaluate system security controls, and help enforce policies, configurations, and user access standards.

• Monitoring for vulnerabilities, assisting with incident response actions, maintaining compliance artifacts, and supporting secure system design efforts.

• Ensure all systems and applications meet DoW and Air Force cybersecurity requirements as directed by the Information System Security Manager (ISSM).

• Protect the confidentiality, integrity, and availability of systems, networks, and data by developing, implementing, and maintaining cybersecurity programs, policies, procedures, and security tools.

• Support all Risk Management Framework (RMF) authorization and accreditation activities, including configuration, artifact creation, documentation, and compliance reviews.

• Assist the ISSM in performing risk and vulnerability assessments on planned and operational information systems, identifying security gaps and recommending mitigation actions.

• Conduct security evaluations, audits, and reviews; support development of system contingency and disaster recovery plans; and promote user compliance with cybersecurity policies and training requirements.

• Participate in system and network design efforts to ensure appropriate security controls and RMF activities are incorporated from the start.

• Assist in the collection, analysis, and preservation of digital evidence related to cybersecurity incidents or policy violations.

• Maintain the operational security posture of assigned IT systems, monitor situational awareness, and implement actions to improve or restore cybersecurity resilience.

• Enforce Air Force cybersecurity policies, procedures, configuration guidelines (e.g., STIGs/SRGs), and change management processes.

• Maintain and audit authorized user access documentation and ensure users meet clearance, needtoknow, and annual training requirements.

• Report security incidents or vulnerabilities to the ISSM and support implementation of corrective or protective measures.

• Initiate and track exceptions, deviations, or waivers to cybersecurity requirements as needed.

Required Qualifications: