NIH ISSO


Job Location:

Bethesda, MD - USA

Monthly Salary: Not Disclosed
Posted on: 10 hours ago
Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks an Information Systems Security Officer (ISSO) to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust clearance or the ability to obtain one.
Qualifications:
  • Public Trust Clearance
  • B.S. in Computer Science, Information Technology, or a related field
  • 5 years of experience supporting Federal information security programs.
  • Experience supporting Federal Assessment and Authorization (A&A) efforts.
  • Experience implementing NIST Risk Management Framework (RMF) controls.
  • Active CISSP, CAP, Security, CISM, GSLC, or GSEC

Duties:
  • Serve as the primary Information System Security Officer (ISSO) for assigned NIH information systems.
  • Implement and maintain the NIST Risk Management Framework (RMF) throughout the system development lifecycle.
  • Support Assessment and Authorization (A&A) activities for Low and Moderate FISMA systems.
  • Develop, maintain, and update System Security Plans (SSPs), Security Assessment Plans (SAPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), security categorization documentation, and supporting authorization artifacts.
  • Coordinate with System Owners to implement and maintain NIST SP 800-53 Rev. 5 security controls.
  • Perform continuous monitoring activities to verify ongoing compliance with Federal cybersecurity requirements.
  • Monitor security vulnerabilities and coordinate remediation efforts with system administrators and technical teams.
  • Track, update, and report POA&M items through successful remediation and closure.
  • Review vulnerability scan results and ensure corrective actions are completed within required timelines.
  • Support annual FISMA assessments and internal/external cybersecurity audits.
  • Assist in developing security risk assessments and documenting residual risk.
  • Coordinate security control assessments with Security Control Assessors (SCAs).
  • Support the preparation of authorization packages for Authorizing Officials (AOs).
  • Review proposed system changes for cybersecurity impacts and ensure appropriate security documentation is updated.
  • Maintain accurate cybersecurity documentation throughout the authorization lifecycle.
  • Assist with Risk Mitigation Waiver documentation and implementation of compensating security controls.
  • Provide cybersecurity guidance to System Owners regarding Federal information security requirements.
  • Participate in security architecture reviews and system design discussions.
  • Develop cybersecurity status reports, metrics, and compliance documentation for management.
  • Ensure compliance with FISMA, OMB guidance, HHS cybersecurity policy, NIH security requirements, and NIST standards.
  • Participate in cybersecurity incident response activities and coordinate with enterprise cybersecurity teams when required.

Required Experience:

Senior IC


About Company


Our exclusive ATO as a Service™ software & expert services automate FISMA, RMF & FedRAMP compliance.
