Information System Security Officer (ISSO) - Cloud Data Platform

Omniscius Consulting•Washington, DC

7d•Onsite

About The Position

We are seeking an experienced Information System Security Officer (ISSO) to support a federal client's Cloud Data Platform modernization initiative in Washington, DC. This role is responsible for ensuring the security, compliance, and continuous authorization of a Microsoft Azure-based cloud analytics environment supporting mission-critical economic research and large-scale data analytics. The successful candidate will provide cybersecurity leadership across cloud engineering, governance, risk management, continuous monitoring, vulnerability management, and Authority to Operate (ATO) activities while partnering closely with Government stakeholders, cloud architects, and data engineering teams. This is an outstanding opportunity for a cloud security professional with deep experience supporting FedRAMP, FISMA, NIST 800-53, Zero Trust, Microsoft Azure, and federal compliance frameworks.

Requirements

Minimum 5 years of experience performing ISSO or cloud cybersecurity responsibilities within federal cloud environments.
Experience supporting Microsoft Azure cloud environments.
Strong knowledge of Cloud Security, Zero Trust Architecture, Identity and Access Management, RBAC, Encryption technologies, Data Loss Prevention (DLP), Vulnerability Management, Incident Response.
Experience supporting FedRAMP, FISMA, NIST 800-53, Continuous Monitoring, Risk Management Framework (RMF).
Experience developing and maintaining ATO packages.
Strong understanding of cloud security architecture and secure system design.
Excellent written communication skills with experience producing executive-level security documentation.
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
CompTIA Cloud+

Responsibilities

Serve as the designated Information System Security Officer (ISSO) and primary cybersecurity lead for the cloud data platform.
Lead all security activities supporting the system's Authority to Operate (ATO) and ongoing authorization.
Develop, maintain, and update security documentation including: System Security Plans (SSPs), POA&Ms, Risk Assessments, Security Assessment Reports (SARs), Continuous Monitoring artifacts.
Support compliance with: FedRAMP Moderate, FISMA, NIST SP 800-53, NIST SP 800-207 (Zero Trust), FTC security policies.
Implement and maintain cloud security controls within Microsoft Azure.
Design and manage identity and access management using Microsoft Entra ID and RBAC.
Configure and validate encryption for data at rest and in transit.
Support vulnerability management, remediation planning, and security assessments.
Coordinate monthly continuous monitoring activities and security metrics reporting.
Conduct annual risk assessments and security control reviews.
Support privacy documentation including PTAs and PIAs.
Work closely with the Government Authorizing Official, System Owner, CISO, COR, and Continuous Assurance teams.
Assist with incident response, forensic investigations, and security event analysis.
Coordinate vulnerability scanning, penetration testing, and remediation activities.
Participate in tabletop exercises, disaster recovery planning, and cyber resilience initiatives.
Ensure cloud solutions comply with FedRAMP authorization boundaries and federal cybersecurity requirements.
Provide technical guidance to cloud architects and engineering teams on secure cloud design and implementation.