Information Systems Security Officer (ISSO), Java / Application Security

Job DetailsJob Location: 5250 W 116TH PLACE - LEAWOOD, KS 66211Position Type: Full-Time - Clearance NeededThe Work: Join a Mission That Matters Torch.AI builds the AI Control Layer for the United States Government—foundational infrastructure that turns complex, multi-domain data into operational decision advantage. Our platform is accredited, deployed, and operating today across enterprise clouds and tactical edge environments. We support billing and reporting, multi-INT fusion, predictive movement analysis, targeting workflows, anomaly detection, and decision support for cross-domain operations including ISR, information advantage, joint effects, and force protection. In 2021, Torch.AI acquired The Data Tech Group (DTG), a trusted provider of mission-critical software and sustainment support. Torch.AI (DTG) plays a key role in supporting the Defense Information Systems Agency (DISA) Telecommunications Inventory and Billing Information (TIBI) program. The system manages and reconciles telecommunications service inventory and associated billing data for DoW customers. It provides visibility into telecom assets such as circuits and services, links those assets to customer accounts, and supports accurate chargeback and financial tracking by aligning service inventory records with billing information. This role offers the opportunity to lead and maintain the security posture of a mission-critical DISA system while working at the intersection of cybersecurity, compliance, and software delivery. You will play a central role in sustaining ATO accreditation, managing vulnerabilities, and shaping secure modernization efforts—partnering closely with both government stakeholders and engineering teams to ensure systems remain secure, compliant, and operationally effective. If you’re driven to strengthen U.S. defense readiness and protect national interests, Torch.AI (DTG) offers meaningful impact at national scale. What Makes Us Different Torch.AI believes the government must own its data, its decision environment, and its reasoning infrastructure. Our capabilities increase the value of existing systems of record rather than replacing them. We measure performance by accuracy, latency, and efficiency, not slideware benchmarks. You’ll join a team (DTG) who has spent the last 20+ years providing DISA with excellent service quality, expertise, and customer satisfaction. You’ll be a key part of Torch.AI’s team of engineers, data experts, veterans, and mission practitioners dedicated to delivering operational AI that runs in production—at speed, at scale, and under real-world constraints. You’ll own meaningful work, move quickly, and see your systems deployed in production, often within weeks. We are fast-paced, entrepreneurial, and mission-driven. Every day is a new puzzle.   Responsibilities What You’ll Do Security & Compliance Maintain the security posture of TIBI systems in compliance with DoD and DISA cybersecurity requirements. Lead and support Risk Management Framework (RMF) activities, including development, maintenance, and submission of ATO documentation. Ensure compliance with: NIST 800-53 controls DISA STIGs (Oracle, SQL Server, OS-level) DISA CTO and INFOCON requirements Conduct and maintain STIG checklists, vulnerability tracking, and remediation activities. Analyze and remediate vulnerabilities identified through ACAS (Nessus) and HBSS tools. Manage POA&Ms, track remediation progress, and ensure timely resolution of findings. Support CYBERCOM IAVA compliance through patching coordination and validation. Generate and maintain cybersecurity reporting, including system status, patching, compliance posture, and risk tracking. Audit access controls, user permissions, and data access patterns to ensure least-privilege enforcement. Develop and maintain security documentation including: System Security Plans (SSPs) Architecture and configuration diagrams Incident Response Plans (IRPs) Continuity of Operations Plans (COOPs) Support incident response, investigation, and recovery activities as required. Collaborate with ISSM and government stakeholders to respond to taskers, audits, and evolving cybersecurity requirements. System Documentation & Architecture Support Develop and maintain system architecture diagrams, data flows, and interdependency mappings. Document system configurations, dependencies, and operational workflows to support accreditation and sustainment. Identify system risks and critical paths that impact security posture and operational continuity. Software Modernization & System Support Support application-level security by collaborating with engineering teams on secure coding practices and remediation efforts. Contribute to Java-based backend enhancements supporting long-term TIBI modernization (Java preferred). Identify and propose modernization opportunities across architecture, data flows, and integration patterns. Support data engineering tasks, including data transformation, ETL refinement, and performance optimization. Configure and deploy Torch.AI data ingestion and orchestration capabilities to enhance TIBI workflows. Collaborate closely with Torch.AI engineering teams to integrate modern data movement, semantic processing, and orchestration patterns. Assist with integration testing, release validation, and troubleshooting in secure environments. Support database-level security considerations including auditing, access control, and performance impacts of security controls. Participate in system modernization efforts by identifying security implications of architectural changes. Provide technical input to ensure modernization efforts align with compliance and accreditation requirements. Project & Operational Support Coordinate with developers, system administrators, cybersecurity personnel, and program leadership. Support release cycles, change management processes, and deployment readiness from a security perspective. Ensure systems remain compliant across development, test, and production environments. Maintain documentation, SOPs, and operational artifacts supporting secure system delivery. QualificationsCore Skills & Qualifications Active Secret clearance (minimum). U.S. citizenship required. Torch.AI does not sponsor employment visas. Active DoD 8570 IAT Level II or IAM Level II certification (e.g., Security+, CISSP, CISM, CAP). Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent experience). 5+ years of experience as an ISSO supporting DoD or federal information systems. Strong working knowledge of: DoD Risk Management Framework (RMF) NIST 800-53 controls STIG compliance and validation Experience with vulnerability management tools (ACAS/Nessus) and HBSS (ePO). Experience managing ATO packages, POA&Ms, and accreditation artifacts. Familiarity with DISA, CYBERCOM IAVAs, and federal cybersecurity compliance processes. Experience developing technical documentation including system diagrams and security plans. Strong understanding of access control models, auditing, and secure system design. Strong analytical, organizational, and problem-solving skills. Ability to manage multiple priorities in a high-tempo, compliance-driven environment. Additional Valuable Experience Java development experience supporting backend services or secure application environments. Experience working directly with engineering teams to implement secure development practices. Familiarity with Oracle and SQL Server environments, including security configuration and auditing. Experience supporting ICAM integration or identity/access management initiatives. Experience supporting system modernization or migration efforts in secure environments. Familiarity with ETL pipelines, data platforms, or data ingestion systems. Experience supporting DoD, DISA, or Intelligence Community programs. Experience operating in classified or cloud-isolated environments (e.g., C2S, SC2S). Experience integrating security into CI/CD pipelines (DevSecOps practices).