Information Systems Security Officer (ISSO)

Arch Systems
Washington, DC
401d
Hybrid

About The Position

The Information Systems Security Officer (ISSO) is responsible for ensuring the confidentiality, integrity, and availability of multiple client information systems. This role involves implementing, maintaining, and monitoring the security posture of assigned systems to ensure compliance with federal regulations and organizational policies. The ISSO collaborates with various stakeholders to identify security risks, implement controls, and support authorization and continuous monitoring processes.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • 3-5 years of experience in information systems security, compliance, or related roles.
  • Knowledge of federal security standards, including NIST 800-53, RMF, and FISMA.
  • Experience with security tools such as vulnerability scanners (e.g., Nessus, Qualys), SIEM solutions, and compliance platforms.
  • Strong understanding of access control mechanisms, encryption standards, and secure communication protocols.
  • Excellent communication and documentation skills.

Nice To Haves

  • Professional certifications such as CISSP, CISM, CAP, or Security+.
  • Experience with cloud environments (AWS, Azure, Google Cloud Platform) and FedRAMP compliance.
  • Knowledge of incident response frameworks and techniques.
  • Familiarity with automation tools for security monitoring and compliance.

Responsibilities

  • Develop, implement, and maintain the System Security Plan (SSP) for assigned systems.
  • Manage security documentation, including risk assessments, security control assessments (SCAs), and Plans of Action and Milestones (POA&Ms).
  • Ensure compliance with federal regulations (e.g., FISMA, FedRAMP, NIST 800-53).
  • Collaborate on schedules and major milestones for Authorization to Operate (ATO) support.
  • Coordinate and support the Risk Management Framework (RMF) lifecycle for systems under their purview.
  • Collaborate with Security Control Assessors (SCAs) to facilitate assessments and address identified vulnerabilities.
  • Prepare ATO packages and artifacts and present them to the Authorizing Official (AO) for approval.
  • Monitor system security controls to ensure continuous compliance and effectiveness.
  • Review system logs, audit trails, and event monitoring tools to detect and respond to security incidents.
  • Participate in incident response efforts, including containment, eradication, and recovery.
  • Conduct regular vulnerability scans and coordinate remediation efforts.
  • Manage and track risks in the POA&M, ensuring timely resolution of identified issues.
  • Provide security awareness training and guidance to system users and administrators.
  • Ensure users adhere to security policies and procedures.
  • Act as a liaison between security teams, system owners, and other stakeholders.
  • Provide regular status reports on system security to leadership and government agencies.
  • Assist in policy development and review to enhance security governance.

What This Job Offers

Job Type

Full-time

Industry

Publishing Industries

Education Level

Bachelor's degree

© 2024 Teal Labs, Inc