FCC - ISSO Lead

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
• 8+ years of experience in cybersecurity, compliance, or risk management.
• Demonstrated experience with RMF, NIST SP 800-53, and federal compliance frameworks.
• Experience supporting A&A, POA&M management, and continuous monitoring programs.
• Experience in enterprise-scale cybersecurity environments.
• Experience with federal environments (FISMA, NIST frameworks).
• Experience with GRC tools (e.g., Xacta).
• Strong leadership, communication, and stakeholder engagement skills
• CISSP (Certified Information Systems Security Professional) OR equivalent certification in information security governance/risk.

Responsibilities

• Lead RMF lifecycle activities including system authorization, reauthorization, and continuous monitoring.
• Develop, maintain, and update security documentation including SSPs, CMPs, contingency plans, and A&A packages.
• Manage POA&Ms, risk acceptances, and remediation tracking across enterprise systems.
• Serve as liaison between business units and the Office of the CISO.
• Support vulnerability management, configuration management, and compliance monitoring.
• Lead internal controls testing and Security Control Assessments (SCA).
• Coordinate and support internal/external audits (e.g., FISMA, OIG).
• Maintain authorization boundary documentation and configuration deviation tracking.
• Support risk analysis, reporting, and continuous improvement initiatives.
• Facilitate weekly security meetings and stakeholder coordination.