Cloud Information System Security Officer (ISSO) – Senior #1708368

About The Position

Requirements

• U.S. Citizenship is required
• Must possess an active TS clearance at the time of application
• This position requires working onsite at one of the following locations, 5 days per week: Downtown Washington, DC; Huntsville, AL; or Clarksburg, WV
• Bachelor's degree in Information Systems, Cybersecurity, Computer Science, Engineering, or a related technical discipline; or equivalent combination of education, training, and work experience.
• Eight (8) or more years of experience supporting federal information systems security; in absence of years of experience, certifications or past work may be used to show the level of experience needed to perform at this level.
• Demonstrated experience serving as an ISSO for cloud-hosted and hybrid systems within a federal environment.
• Extensive experience executing the RMF lifecycle, including system categorization, control implementation, assessment support, authorization package preparation, and continuous monitoring.
• Experience maintaining system security documentation aligned to NIST SP 800-53.
• Experience managing POA&Ms, tracking remediation activities, and coordinating closure with technical teams.
• Experience supporting systems categorized under FIPS 199 (Moderate and High), including National Security Systems (NSS), as applicable.
• Hands-on experience maintaining RMF artifacts within a Governance, Risk, and Compliance (GRC) tool.
• Deep understanding of RMF and federal information security compliance requirements.
• Strong experience managing security documentation, evidence, and artifacts.
• Familiarity with cloud security concepts and control inheritance models.
• Experience coordinating with system engineers, security engineers, and operations teams to address findings.
• Strong organizational, documentation, and communication skills.
• Ability to manage multiple systems concurrently within an enterprise portfolio.
• Ability to provide guidance and mentoring to mid- and junior-level ISSOs.

Nice To Haves

• Certifications (preferred, not required): CISSP (Associate or Full), CISM, GSLC, or other senior-level cybersecurity or RMF-aligned certifications.

Responsibilities

• Serve as the senior ISSO for assigned cloud and hybrid information systems.
• Oversee implementation and maintenance of security controls throughout the system lifecycle.
• Ensure systems comply with federal cybersecurity policies and authorization requirements.
• Monitor system security posture and identify compliance or risk issues requiring remediation.
• Prepare, maintain, and update RMF artifacts, including system security plans, control implementation descriptions, and supporting evidence.
• Coordinate security assessments by ensuring documentation and artifacts are complete and accurate.
• Manage POA&Ms, including tracking remediation actions and coordinating closure with technical teams.
• Support continuous monitoring activities and recurring security reviews.
• Act as the primary security point of contact for assigned systems.
• Coordinate with Cloud ISSEs, system owners, and operations teams to resolve security findings.
• Provide guidance to junior ISSOs and support consistent security implementation practices.
• Contribute to process improvement efforts aimed at improving ATO quality and timeliness.

Benefits

• comprehensive health, dental, vision, pet, and legal insurance
• 401(k) retirement matching
• paid leave
• paid holidays
• health and wellness programs
• employer-paid life and disability insurance
• professional development
• education benefits