Sr. Information Systems Security Officer (ISSO) - U.S. Citizenship Required

ZenPoint Solutions•Washington, DC

11h•Onsite

About The Position

ZenPoint Solutions LLC is a federal sector IT services company seeking a Sr. Information Systems Security Officer (ISSO) to join their team. The company emphasizes employee well-being and a positive culture, delivering innovative solutions for critical IT missions. This role is contingent upon contract award and government approval. The Sr. ISSO will serve as a task lead, overseeing secure information systems and ensuring continuous compliance. The position requires an active Top Secret clearance and is fully onsite in Washington, DC, 5 days a week at the customer's facility.

Requirements

Candidate must be a United States Citizen and present proof of Citizenship, if selected
Bachelor’s degree in Computer Science, Cybersecurity, or other cyber discipline
Possess at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level III proficiency.
Possesses at least 7 years of experience serving as an Information Systems Security Officer (ISSO) or Information System Security Engineer at a cleared facility.
Minimum of 9 years of work experience in a computer science or Cybersecurity related field.
Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, Splunk, IBM Guardium, HP WebInspect, Network Mapper (NMAP), and/or similar applications

Responsibilities

Serve as the security task lead responsible for the day-to-day security operations and ongoing maintenance of the RMF lifecycle for federal customer IT systems.
Coordinate activities within the Authorize and Monitor steps, ensuring that all security roles are assigned and that the risk management strategy is operationalized.
Maintain and update system categorization records in tools like eMASS or CSAM to ensure they accurately reflect the mission impact and regulatory requirements.
Monitor the implementation and effectiveness of security controls, documenting how they are tailored to meet the customer’s risk appetite and compliance mandates.
Validate the technical and operational implementation of controls through regular vulnerability scanning (Nessus) and compliance checks (STIGs) throughout the system lifecycle.
Support Security Control Assessments (SCA) by coordinating artifact collection, participating in findings validation meetings, and preparing for independent audits.
Manage and sustain the ATO package, developing high-quality risk management documentation including the SSP, SAR, and continuous monitoring strategy.
Oversee the Plan of Action and Milestones (POA&M) process, prioritizing remediation activities and collecting evidence to close out security findings.
Act as the primary operational advisor for security incidents, providing subject-matter expertise for risk analysis, incident response, and system remediation efforts.
Implement security awareness programs, ensuring that team members and stakeholders are trained on security policies.
Communicate system security status and operational risks to the Authorizing Official (AO) and leadership through monthly reports and status briefings.
Maintain up-to-date knowledge of NIST SP 800-53 and FISMA requirements to ensure the system remains in continuous compliance with federal security mandates.