Information System Security Officer (ISSO)

About The Position

Requirements

• Must have an existing CBP Full BI
• Certifications: CISSP, CAP, Security+, CISM, or other applicable certifications
• Possess Strong written and verbal communication skills.
• Highly organized with an ability to prioritize, balance, and effectively advance multiple competing priorities in a high-volume, fast-paced environment.
• Ability to interact in a professional and collaborative manner with fellow Dynanet Teammates and the clients, and business partners that we work with.
• Ability and desire to challenge and educate yourself to support and advance IT services delivery in the Federal agencies we serve.
• Excellent judgment and creative problem-solving skills.
• Respond to team member and client requests via email, MS teams, or other communication means during core business hours.
• Active listening skills to understand clients' needs, and collaboration skills to work with other developers and designers.
• Bachelor’s degree in Cybersecurity, IT, or related field (or equivalent experience)
• Eight (8) years of experience in information security, risk management, or related fields.
• Knowledge of RMF, NIST standards, vulnerability management, incident response, and security tools (e.g., Nessus, SIEM).

Responsibilities

• Compliance and Risk Management: Ensure systems comply with security frameworks (e.g., RMF, NIST 800-53, FISMA) and manage ongoing system risk through assessments and reviews.
• Security Documentation: Develop, maintain, and update System Security Plans (SSPs), security assessments, and Plans of Action and Milestones (POA&Ms).
• Monitoring and Incident Response: Monitor information systems for vulnerabilities and security events, and coordinate incident response efforts where needed.
• Assessment and Authorization (A&A): Support the A&A process and ensure systems meet necessary requirements for Authority to Test (ATT) and Authority to Operate (ATO) or meet other regulatory accreditations.
• Vulnerability and Configuration Management: Perform regular vulnerability scans, monitor patch management, and ensure secure system configurations.
• Security Training and Awareness: Provide cybersecurity training and foster awareness among users to promote adherence to security policies.
• Collaboration with Stakeholders: Work with IT teams, management, and external authorities to maintain alignment on security goals and address identified risks.

Benefits

• Industry Competitive Compensation
• Medical and Dental Insurance
• Paid Time Off/Holidays
• 401(k) Retirement Plans with Matching
• Remote Work (Contract dependent)
• Paid Training
• Employee Referral Program
• Employee Development Program