Mid-Level Information System Security Officer
About The Position
XPECT Solutions is looking for a Mid-Level Information System Security Officer (ISSO). The Information System Security Officer (ISSO) plays a critical role in ensuring the confidentiality, integrity, and availability of information systems within an organization. Acting as the primary liaison between system owners and cybersecurity stakeholders, the ISSO is responsible for implementing and maintaining security controls, managing risk assessments, and ensuring compliance with federal regulations and organizational policies. This role requires a deep understanding of security frameworks, continuous monitoring practices, and incident response procedures to safeguard sensitive data and support mission-critical operations
Requirements
- ACTIVE TOP SECRET CLEARANCE
- 5+ years serving as an Information Systems Security Officer (ISSO) at a cleared facility
- 7+ years of work experience in a computer science or Cybersecurity related field
- Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP) Global Information Security Professional (GISP) CompTIA Advanced Security Practitioner (CASP)
- Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications
Nice To Haves
- Bachelor's or advanced degree in Computer Science, Cybersecurity, or other cyber discipline
Responsibilities
- Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS
- Provide liaison support between the system owner and other IS security personnel
- Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle
- Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis
- Conduct required IS vulnerability scans according to risk assessment parameters.
- Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities
- Manage the risks to ISs and other our customer’s assets by coordinating appropriate correction or mitigation actions, and oversee and track the timely completion of (POAMs)
- Coordinate system owner concurrence for correction or mitigation actions
- Monitor security controls for our customer’s ISs to maintain security Authorized To Operate (ATO)
- Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase
- Ensure that changes to an our customer’s IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM)
- Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR
Benefits
- A competitive Medical, Dental, and Vision plan
- Retirement Savings Plan
- Life Insurance
- AD&D Insurance
- Short Term and Long Term Disability Insurance
- 3 weeks of annual PTO
- 11 days of Holiday PTO
- Performance Awards
- Referral Bonus Plan (of up to $5,000/year)
- Education Reimbursement/Training (of up to $2,500/year)
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
