Information System Security Officer (ISSO)

Falls Church, VA - USA

Monthly Salary: Not Disclosed

Posted on: 7 days ago

Vacancies: 1 Vacancy

Job Summary

BCMC is seeking an experienced Senior Cybersecurity Engineer with strong Certification & Accreditation (C&A) / Information Assurance (IA) experiences to support cybersecurity compliance risk management and accreditation activities for federal and DoD information systems. The ideal candidate will have deep expertise in RMF NIST standards and system authorization processes and will serve as a key advisor on security posture and compliance strategy.

Place of Performance: Remote within the DC Metro Area. This is mostly Remote but may require travel to Fort Meade MD for SIPRNet access for sensitive data and information handling related to this position.

Requirements:

Candidate must be U.S. Citizen with at least active DoD SECRET security clearance.
Bachelors degree in Cybersecurity Information Systems Computer Science or related field (or equivalent experience)

8 years of experience in Information Assurance / Cybersecurity / C&A
Strong experience with RMF and system authorization processes.
Hands-on experience with NIST 800-53 security controls RMF Rev 5 and Security documentation (SSP POA&M SAR etc.).
Must have one or more of the following active certifications: CISSP and/or CISM
Experience supporting federal agencies or DoD environments.
Familiarity with tools such as eMASS DITPR DITPRs GRC and etc.
Experience with cloud/SaaS security controls and compliances for ServiceNow Azure and/or FedRAMP.
Strong analytical and communication skills.
Risk management and compliance expertise.
Strong documentation and reporting skills.
Ability to lead accreditation efforts independently.

Responsibilities:

Lead Certification & Accreditation (C&A) activities in accordance with the Risk Management Framework (RMF) as the ISSO.
Develop maintain and review authorization packages (e.g. SSP SAR POA&M)
Conduct security control assessments and coordinate remediation efforts
Ensure compliance with NIST 800-53 NIST 800-37 RMF Rev 5 standard and applicable federal/DoD policies.
Support system Authorization to Operate (ATO) Authority to Connect (ATC) and continuous monitoring activities.
Perform risk assessments and provide mitigation strategies.
Collaborate with system owners ISSMs and stakeholders across programs.
Support audits inspections and security reviews.

Our Company Overview
Business Computers Management Consulting Group LLC (BCMC) is a small business specializing in Information Technology (IT) Cybersecurity Information Assurance (IA) SOA Big Data Management Program Management and more for Federal State and Local agencies. We possess highly skilled engineers providing innovative solutions backed by strong past performances. We are ISO 9001:2015 ISO 27001::2018 and CMMI L3 certified and registered promising highest quality and services to all of our clients.

Benefits
Extremely competitive salary
95% employer paid for employee medical dental & vision coverages
100% employer paid for employee life STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11standard holidays & 3 weeks of annual leave

Required Experience:

Senior IC

Requirements:

Candidate must be U.S. Citizen with at least active DoD SECRET security clearance.
Bachelors degree in Cybersecurity Information Systems Computer Science or related field (or equivalent experience)

8 years of experience in Information Assurance / Cybersecurity / C&A
Strong experience with RMF and system authorization processes.
Hands-on experience with NIST 800-53 security controls RMF Rev 5 and Security documentation (SSP POA&M SAR etc.).
Must have one or more of the following active certifications: CISSP and/or CISM
Experience supporting federal agencies or DoD environments.
Familiarity with tools such as eMASS DITPR DITPRs GRC and etc.
Experience with cloud/SaaS security controls and compliances for ServiceNow Azure and/or FedRAMP.
Strong analytical and communication skills.
Risk management and compliance expertise.
Strong documentation and reporting skills.
Ability to lead accreditation efforts independently.

Responsibilities:

Lead Certification & Accreditation (C&A) activities in accordance with the Risk Management Framework (RMF) as the ISSO.
Develop maintain and review authorization packages (e.g. SSP SAR POA&M)
Conduct security control assessments and coordinate remediation efforts
Ensure compliance with NIST 800-53 NIST 800-37 RMF Rev 5 standard and applicable federal/DoD policies.
Support system Authorization to Operate (ATO) Authority to Connect (ATC) and continuous monitoring activities.
Perform risk assessments and provide mitigation strategies.
Collaborate with system owners ISSMs and stakeholders across programs.
Support audits inspections and security reviews.