Information System Security Officer (ISSO) (Las Vegas, NV)
About The Position
Koniag IT Systems, LLC a Koniag Government Services company, is seeking Information System Security Officer (ISSO) with a Top- Secret security clearance to support KITS and our government customer in Las Vegas, NV. We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more. Koniag Data Solutions is seeking an experienced Mid-Level Information System Security Officer (ISSO) to support our cybersecurity efforts for the Department of Energy's National Nuclear Security Administration (DOE NNSA). The ideal candidate will have demonstrated experience with security authorization processes, risk management, and compliance with federal cybersecurity requirements. This position requires a professional who can effectively manage system security documentation and processes while working within the Risk Management Framework (RMF). Candidates must be eligible for the appropriate security clearance.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
- 3-5 years of experience in cybersecurity or information security
- 2+ years of experience with RMF or similar security authorization frameworks
- Experience developing and maintaining security documentation including ISSPs, Risk Assessments, and Security Baselines
- Experience working with federal agencies, preferably DOE, NNSA, or Department of Defense
- Training that meets or is progressing toward NNSA and/or DoD 8140 requirements
- Strong knowledge of the NIST Risk Management Framework (RMF)
- Understanding of federal cybersecurity regulations, policies, and standards
- Proficiency with security authorization documentation and processes
- Experience with risk assessment methodologies and practices
- Knowledge of security control implementation and assessment
- Strong project management skills with ability to manage multiple tasks simultaneously
- Excellent documentation skills and attention to detail
- Strong written and verbal communication skills
- Experience with continuous monitoring and ongoing authorization processes
- Knowledge of incident management and reporting requirements
- Understanding of NIST SP 800-53 security controls
- Ability to obtain and maintain required security clearance
- Experience with system security planning and documentation
- Knowledge of vulnerability management processes
- Ability to work collaboratively in team environments
- Top Secret security clearance / Q
Nice To Haves
- Master's degree in Cybersecurity, Information Technology, or related field
- Certifications such as Security+, CISSP, CAP, or equivalent
- Experience specifically with DOE NNSA cybersecurity requirements
- Experience with eMASS or similar authorization management systems
- Knowledge of FISMA compliance requirements
- Experience with security testing and evaluation
- Familiarity with supply chain risk management
- Experience presenting cybersecurity concepts to management
- Knowledge of system hardening techniques and practices
- Experience with security architecture review
- Understanding of cloud security principles
- Experience with security incident handling
- Knowledge of secure coding practices
- Familiarity with privacy requirements and documentation
Responsibilities
- Manage and develop system, application, and hardware authorization documentation including Information System Security Plans (ISSPs), Risk Assessments, and Security Baselines
- Ensure authorization activities are completed in a timely and accurate manner for both initial authorization and re-authorization processes
- Develop comprehensive authorization packages independently and submit them to the ISSM for review
- Prepare authorization packages for submission to the Authorizing Official (AO) or Authorizing Official Designated Representative (AODR) for review and approval
- Apply the Risk Management Framework (RMF) methodology consistently across assigned systems
- Maintain knowledge of AO-approved risk boundaries and risk tolerance levels
- Update authorization documentation according to organizationally defined schedules in accordance with risk management objectives
- Conduct continuous monitoring activities for assigned systems
- Track security control implementation and effectiveness
- Document system changes and assess their impact on security posture
- Work within established authorization boundaries and ensure operations adhere to approved parameters
- Support transparent decision-making processes that align with AO requirements
- Assist with the onboarding and termination processes for contractor personnel
- Ensure work products and deliverables meet Enterprise Cybersecurity Program requirements and quality standards
- Provide technical support at meetings, briefings, and presentations
- Collaborate effectively with other contractors supporting NA-IM and NNSA
- Mentor junior security personnel in authorization processes and documentation
Benefits
- health insurance
- dental insurance
- vision insurance
- 401K with company matching
- flexible spending accounts
- paid holidays
- three weeks paid time off
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
501-1,000 employees
