Information Systems Security Officer (ISSO)
Firestorm
San Diego, CA, USA
USD 125k-160k / year
Posted on May 21, 2025
Information Systems Security Officer (ISSO)
San Diego, CA
Operations
In office
Full-time
Who We Are
At Firestorm, we’re on a mission to revolutionize how defense solutions are designed and delivered. Our goal is to empower U.S. ally nations to effectively deter aggressors—regardless of their defense budget—through innovative, cost-efficient technologies. We call this vision “democratized deterrence.” As a VC-backed company at the intersection of defense and Silicon Valley, we’re pioneering the development of mission-adaptable aerial vehicles that put power back into the hands of operators. By prioritizing operator effectiveness, we’re pioneering a new era of aerial vehicle design. We aim to upend the traditional defense procurement model by delivering world-class capabilities at a fraction of the usual cost. Join us at Firestorm as we redefine defense procurement, making cutting-edge technology accessible to all at a fraction of the cost.
About the Role
We are looking for a highly skilled and motivated Information Systems Security Officer (ISSO) to join our team onsite at our San Diego office. Reporting to the Director of Operations, you will be at the forefront of developing, implementing, and upholding our company's digital security compliance strategy and information security, ensuring compliance with stringent government regulations and standards. Your expertise will be crucial in protecting our sensitive data, managing risks, overseeing our Facility Security Clearance (FCL), and ensuring that our operations meet all required cybersecurity maturity models and information control protocols. With expertise in NIST, DFARS, ISO 27001, and classified information management, you will play a key role in securing our operations and maintaining compliance with defense industry requirements. If you’re passionate about safeguarding critical data and upholding the highest standards of security, we’d love for you to join us at Firestorm.
This position is required to be on-site daily in the San Diego, CA office.
What You’ll Do
- Develop, implement, and maintain the company's information security policies, standards, and procedures to ensure compliance with NIST SP 800-171, DFARS 252.204-7012, and other relevant regulations.
- Lead efforts to achieve and maintain compliance with CMMC and ISO 27001, including coordinating certification processes and managing ongoing audits.
- Oversee the protection of Controlled Unclassified Information (CUI) and other controlled information.
- Manage and maintain the company's Facility Security Clearance (FCL), serving as the primary point of contact (FSO) for all matters related to classified information security.
- Implement and oversee procedures for handling classified information, ensuring compliance with all applicable government regulations and directives.
- Conduct regular risk assessments and vulnerability analyses to identify and mitigate potential security threats, including those related to classified information systems.
- Coordinate with internal teams to integrate security controls into all aspects of operations, including product development and supply chain management.
- Serve as the primary liaison with government agencies and customers regarding information security compliance, FCL matters, and reporting.
- Develop and manage the incident response plan, leading investigations and remediation efforts, in the event of security breaches or incidents involving classified or sensitive information.
- Provide training and awareness programs to educate employees on information security policies, procedures, best practices, and the handling of classified information.
- Stay current with evolving regulatory requirements, emerging threats, and industry best practices to continuously improve the company's security posture.
- Collaborate with our DevSecOps team on the design, implementation and maintenance of cATO (continuous Authority to Operate) pipelines.
- Collaborate with IT and engineering teams to ensure secure system architectures and data protection mechanisms are in place, especially for systems processing classified information.
- Must be willing to travel up to 10%
Qualifications
- Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field.
- Minimum of 7 years of experience in information security management, with at least 3 years in a leadership role.
- Extensive knowledge of NIST SP 800-171, DFARS 252.204-7012, ISO 27001, CUI handling requirements, and classified information security protocols.
- Proven experience in developing and implementing information security programs and achieving compliance with regulatory standards.
- Strong understanding of risk management principles and experience conducting risk assessments and vulnerability management, including in classified environments.
- Experience with incident response planning and execution, particularly concerning classified information.
- Familiarity with data protection laws and regulations.
- Excellent communication skills, with the ability to articulate complex security requirements to technical and non-technical stakeholders.
- Must be a U.S. Person due to the nature of work & required access to U.S. export-controlled information
- Ability to obtain and maintain a U.S. Government security clearance.
Preferred Qualifications
- Professional certifications such as CISSP, Security+, CISM, CISA, ISP® (Industrial Security Professional), or other DoD Approved 8570 Baseline Certification in the Information Assurance Management (IAM) Level III category.
- Defense or aerospace industry experience a plus.
- Familiarity with cybersecurity maturity models like CMMC (Cybersecurity Maturity Model Certification).
- Experience managing Facility Security Clearances (FCL) and handling classified information within a defense contractor environment.
- Experience with security audit processes and interfacing with regulatory auditors.
- Experience with informing design and implementation cATO pipelines.
- Experience with classified information systems (e.g., Joint Worldwide Intelligence Communications System - JWICS, Secret Internet Protocol Router Network - SIPRNet).
- Experience with Special Access Programs (SAP) and Sensitive Compartmented Information (SCI).
- Knowledge of cloud security principles and experience securing cloud environments handling classified or sensitive data.
Compensation
US Salary Range: $125,000 - $160,000 USD
The posted salary range reflects an estimate based on a variety of compensation factors, including but not limited to relevant experience, education, certifications, specialized skills, geographic location, and business needs. Actual compensation may vary, and this range is subject to change as our compensation structure or market conditions evolve.
Benefits & Perks
Our culture fosters collaboration, respect, and trust, empowering passionate people to do their best work. We offer a competitive salary, comprehensive benefits, and opportunities for career growth. In addition to an opportunity to take part in an innovative, collaborative and fast-growing business with a highly motivated and skilled team, we also take pride in taking care of our employees. Here are just a few ways that we show our appreciation:
- We offer comprehensive medical, dental, and visions plans
- 401(k) Retirement Savings Plan to invest in your long-term retirement goals
- Unlimited PTO
- Generous Parental Leave
- FSA
- HSA
- Hospital Indemnity insurance
- Critical Illness insurance
- Accident insurance
- Basic Life/AD&D, short-term and long-term disability insurance, 100% covered by Firestorm. Plus, the option to purchase additional life insurance for you and your family.
- Mental Health Resources: We provide free mental health resources 24/7 including therapy and more. Additional work-life services, such as free legal and financial support, are available to you as well.
ITAR Compliance
To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or otherwise eligible to obtain the required authorizations from the U.S. Department of State.
Equal Opportunity Statement
Firestorm is an equal opportunity employer, committed to creating a diverse and inclusive workplace, and upholding equitable hiring practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic under federal, state, or local law, including those with a criminal history, in a manner consistent with the requirements of applicable state and local laws, including the CA Fair Chance Initiative for Hiring Ordinance. We actively encourage members of recognized minorities, women, Veterans, and those with disabilities to apply, and we work to create a welcoming and supportive environment for all applicants throughout the interview process.
Firestorm is committed to fostering an inclusive and accessible work environment. If you require accommodations or assistance during the application process, please don’t hesitate to reach out to us at [email protected] so we can provide the support you need.
First name *
Last name *
Email *
LinkedIn URL
Phone number *
Location
Resume *
Click to upload or drag and drop here
Are you a US Citizen/ US Person who can obtain and maintain a Security Clearance? *
US Person
Voluntary Self-Identification
To comply with government reporting requirements, we invite candidates to participate in the self-identification survey below. Your completion of this form is entirely optional, and your decision will neither influence the hiring process nor any subsequent stages. Any information you choose to share will be kept confidential and stored in a secure file. As outlined in our Equal Employment Opportunity policy, we uphold a commitment to non-discrimination based on any protected group status specified in applicable laws.
Gender
Race
Race and ethnicity descriptions
Voluntary Self-Identification of Veteran Status
VEVRAA requires Government contractors to take affirmative action to employ and advance in employment protected veterans. To help us measure the effectiveness of our outreach and recruitment efforts of veterans, we are asking you to tell us if you are a veteran covered by VEVRAA. If you believe that you belong to any of the following categories of protected veterans, please indicate by making the appropriate selection.
Veteran status descriptions
Disabled veteran
A veteran who served on active duty in the U.S. military and is entitled to disability compensation (or who but for the receipt of military retired pay would be entitled to disability compensation) under laws administered by the Secretary of Veterans Affairs, or was discharged or released from active duty because of a service-connected disabilityRecently separated veteran
A veteran separated during the three-year period beginning on the date of the veteran's discharge or release from active duty in the U.S military, ground, naval, or air serviceActive duty wartime or campaign badge veteran
A veteran who served on active duty in the U.S. military during a war, or in a campaign or expedition for which a campaign badge was authorized under the laws administered by the Department of DefenseArmed Forces service medal veteran
A veteran who, while serving on active duty in the U.S. military ground, naval, or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985 (61 Fed. Reg. 1209).Veteran status
Voluntary Self-Identification of Disability Status
Form CC-305
OMB Control Number 1250-0005
Page 1 of 1
Expires 04/30/2026
We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.
Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.
Disability descriptions
A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:
Disability status
PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.
By applying you agree to Gem's terms and privacy policy.
Save your info to apply to other roles faster & help employers reach you.
Req ID: R21
