Information System Security Officer (ISSO)
DC
Full Time
Experienced
We are seeking an experienced Information System Security Officer (ISSO) to join our cybersecurity team supporting a federal customer remotely. The ISSO will be responsible for ensuring the security of our information systems by developing, implementing, and maintaining security processes and documentation.
Responsibilities:
- Develop and maintain System Security Plans (SSP), Contingency Plans, Business Impact Analyses (BIA), Plans of Action and Milestones (POA&Ms), Security Assessment Reports (SARs), Security Assessment Plans (SAPs), and other security documentation.
- Identify key stakeholders in Assessment and Authorization (A&A) efforts and ensure system documentation reflects current security configurations, including hardware, software components, data flow, interconnections, and ports, protocols, and services.
- Identify potential risks associated with system configurations and advise on mitigation strategies. Document residual risks and provide cybersecurity risk analysis and mitigation determination results.
- Participate in A&A status meetings, facilitate the progression towards successful A&A efforts, and assist in estimating Level of Effort (LOE) for A&A activities.
- Develop and implement detailed test plans, review findings from self-assessments to determine readiness for independent validation and verification (IV&V), and conduct IV&V assessments.
- Analyze test results for accuracy, compliance, and adherence to Federal cybersecurity requirements. Conduct thorough reviews of all vulnerabilities, architecture, and defense-in-depth strategies, and report findings in POA&M documents.
- Maintain cybersecurity policies and processes as assigned. Manage and track systems or programs involved in the A&A process.
- Develop and implement security-related directives and guidance for Information Assurance (IA), Information Technology (IT), and Information Management (IM).
- IAT III Certification
- Active DoD Secret Clearance
- Minimum of 8 years of experience in information system security, with a strong background in cybersecurity.
- Proven experience in developing and maintaining security documentation and conducting risk assessments.
- Experience in managing large-scale cybersecurity programs and leading cybersecurity teams.
- Familiarity with Federal cybersecurity requirements and the A&A process.
- Proficient in the use of cybersecurity tools and technologies, such as Nessus ACAS scans, SCAP, and eMASS.
- Strong analytical skills and ability to conduct thorough reviews of vulnerabilities and defense strategies.