Information System Security Officer (ISSO)

About The Position

Requirements

• 7+ years of practical experience in information security or related fields.
• Excellent writing and communication skills, with a strong attention to detail.
• Experience in security planning or coordination, particularly in managing logistics for security audits or inspections.
• Proficient in using basic security software, such as SIEM tools or vulnerability assessment tools, to monitor and secure the organization's IT infrastructure.
• Familiarity with regulatory requirements and best practices in information security.
• Strong organizational and multitasking abilities, with the capability to manage multiple projects and deadlines effectively.

Nice To Haves

• Previous experience in developing security policies, procedures, or training programs.
• Knowledge of compliance standards, such as ISO 27001, NIST, GDPR, and FedRAMP.
• Understanding of security analytics tools, such as Splunk or security dashboard tools, to measure the effectiveness of security measures.
• Demonstrated creativity and ability to think outside the box in developing security solutions and strategies.
• Experience with risk management and incident response planning.

Responsibilities

• Partner with Sales and Technology teams to ensure security policies and procedures are consistently applied and updated across the organization.
• Maintain our FedRAMP High ATO and facilities clearance, ensuring compliance with all relevant regulations and standards.
• Complete necessary Significant Change Requests (SCRs) in a timely and efficient manner.
• Support the development and execution of security awareness training programs, with internal stakeholders and external partners.
• Assist in planning and organizing security audits, including coordinating travel arrangements and accommodations for auditors.
• Write comprehensive security reports and documentation for internal use and regulatory compliance.
• Maintain the company's security policy documentation; Initiate and maintain compliance with relevant security standards and frameworks.
• Develop and manage Plans of Action and Milestones (POAMs) to address and mitigate identified security vulnerabilities.
• Lead efforts to create System Security Plan Documentation.
• Work through the differences of the various compliance levels from different agencies and be able to talk to the overlap.

Benefits

• We understand the value of such people, reward them accordingly, and provide best-in-class benefits to support them and their family’s well-being.
• Full-time employees are eligible to receive top-notch Medical, Dental, Vision, 401K savings plan, Life Insurance, and Short and Long-term Disability benefits as well as generous paid flex-time, education and technology reimbursement.
• This includes:
• 100% employer covered health care premiums
• 6% 401k match
• Education and professional development budget
• 25 PTO days per year, which increases with tenure
• Annual technology budget