Information System Security Officer (ISSO)
Information System Security Officer (ISSO)
Posted on :
15-07-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
$ 158040 - 168040
Vacancy
1 Vacancy
Posted on :
15-07-2025
Job Description
Please Note:
- It is 100% Onsite Position
- Selected candidate must be willing to work on-site in Woodlawn MD 5 days a week
Key Required Skills:
- Strong experience with NIST 800-53 Cybersecurity ATO Splunk Risk Assessment and POA&M.
Position Description:
- Provide feedback on Authority to Operate (ATO) documentation
- Complete Control Implementation Statements (CIS)
- Provide Cybersecurity expertise
- Review system documentation
Requirements
Skills Requirements:
Basic Qualifications
- Bachelors degree in computer science Mathematics Engineering or a related field
- Masters or Doctorate degree may substitute for required experience
- 8 years experience as cybersecurity professional/ISSO
- Must be able to obtain and maintain a Public Trust. Contract requirement.
Required Skills
- Assist with the development and implementation of the information security program including the following program components: vulnerability management (Audit log review) and verification testing incident response business continuity control testing risk assessment and regulatory gap analysis.
- Conducts self-assessments of security controls identify weaknesses and track remediation activities in Plan of Action and Milestones (POA&M).
- Maintain expert-level knowledge of all National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Security Controls and Conducts NIST 800-53 controls testing. Work with technical teams to mitigate security control deficiencies for assigned IT systems.
- Use internal tools as an approved repository for artifacts and Plans of Action and Milestones (POA&M).
- Assist staff in assessing new applications identifying applicable NIST SP 800-37 RMF requirements and advising system owners of the process.
- Participates in security assessments and audits for assigned systems and facilitates obtaining evidence for data requests.
- Performs continuous monitoring of security controls to ensure that they continue to be implemented correctly operating as intended and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems.
- Must have Knowledge of laws regulations policies and ethics as they relate to cybersecurity and privacy (Experience with NIST special publications FIPS publications specifically RMF and NIST 800-53 Rev5 security controls and their requirements).
- Must have experienced creating monitoring updating and closing plans of actions and milestones (POA&M).
- Review and compile the security control implementations test results Security Assessment Reports (SARs) Plan of Action and Milestones (POA&M) risk acceptance recommendations and risk mitigation strategies to support the recommendation for client risk acceptance authorization decisions.
- Familiar with XACTA and ServiceNow.
- Experience with GovClud FedRAMP and FISMA
Desired Skills
- Experience as cybersecurity professional.
- Prior experience with federal governments IT projects.
Assist with the development and implementation of the information security program, including the following program components: vulnerability management (Audit log review) and verification testing, incident response, business continuity, control testing, risk assessment and regulatory gap analysis. Conducts self-assessments of security controls, identify weaknesses and track remediation activities in Plan of Action and Milestones (POA&M). Maintain expert-level knowledge of all National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Security Controls and Conducts NIST 800-53 controls testing. Work with technical teams to mitigate security control deficiencies for assigned IT systems. Use internal tools as an approved repository for artifacts and Plans of Action and Milestones (POA&M). Assist staff in assessing new applications, identifying applicable NIST SP 800-37 RMF requirements and advising system owners of the process. Participates in security assessments and audits for assigned systems and facilitates obtaining evidence for data requests. Performs continuous monitoring of security controls to ensure that they continue to be implemented correctly, operating as intended and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems. Must have Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy (Experience with NIST special publications, FIPS publications specifically RMF and NIST 800-53 Rev5 security controls and their requirements). Must have experienced creating, monitoring, updating, and closing plans of actions and milestones (POA&M). Review and compile the security control implementations, test results, Security Assessment Reports (SARs), Plan of Action and Milestones (POA&M), risk acceptance recommendations, and risk mitigation strategies to support the recommendation for client risk acceptance authorization decisions. Familiar with XACTA and ServiceNow. Experience with GovClud, FedRAMP and FISMA
Education
Bachelor's degree with 7+ years of experience Must be able to obtain and maintain a Public Trust. Contract requirement
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
