Senior Information Systems Security Officer (ISSO) – Technical Lead

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Engineering, or related technical field.
• Minimum of NINE (9) years of cybersecurity or secure systems engineering experience, including cloud architecture.
• An ACTIVE and CURRENT TOP SECRET federal or DOD security clearance.
• Strong understanding of security frameworks and compliance standards (e.g., NIST, RMF SP 800-53 Rev 5, DoD 8570).
• Proven experience in designing and implementing enterprise security tools such as SIEM (e.g., Splunk), vulnerability scanners (e.g., Nessus), and endpoint protection platforms (e.g., Crowdstrike).
• Secure configuration management and vulnerability lifecycle management
• Advanced use of ACAS/Nessus, STIG Viewer, SCAP Compliance Checker
• Experience with cloud security practices and technologies (AWS, Azure, GCP).
• Demonstrated ability to lead cross-functional teams and complex technical projects.
• Strong analytical and problem-solving skills.
• Excellent communication skills with the ability to convey technical concepts to non-technical stakeholders.

Nice To Haves

• Master’s Degree in relevant cybersecurity or IT field
• One or more of the following certifications: ISC2 Zero Trust Strategy Certificate, Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP) / Certified in Governance, Risk and Compliance (CGRC), IAT Level II (Information Assurance Technical), IAM Level II (Information Assurance Management)
• Familiarity with scripting or automation (PowerShell, Python, Bash) is a plus
• Hands-on experience with network security, cryptography, and/or identity management.
• Experience working with DevOps/engineering teams on secure design, change reviews, and risk mitigation.
• Project Management Professional (PMP) or Scaled Agile Framework (SAFe) certification for managing cybersecurity projects in Agile environments

Responsibilities

• Lead the implementation, assessment, and enhancement of NIST 800‑53 security controls across cloud, hybrid, and on Prem environments.
• Oversee RMF and ATO package development, review, and approval processes, including SSPs, IRPs, ISCPs, CMPs, and POA&Ms.
• Serve as a senior security advisor to system owners, program leadership, and regulatory bodies.
• Lead internal and external audit preparation, documentation, artifact collection, and response strategies.
• Conduct advanced risk assessments, architecture reviews, and system security analyses.
• Guide POA&M management and direct the remediation of vulnerabilities identified via ACAS, STIG, SCAP, and agency‑specific scans.
• Support continuous monitoring programs, change control reviews, and ongoing security lifecycle management.
• Mentor Junior and Mid‑Level ISSOs; contribute to process standardization and governance improvements.
• Review emerging threats and provide security recommendations to align systems with evolving federal and agency requirements.
• Mentor junior and mid‑level ISSOs and act as a technical escalation point for cloud engineering issues.

Benefits

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Parental Leave
• 401(k) Retirement Plan
• Group Term Life and Travel Assistance
• Voluntary Life and AD&D Insurance
• Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
• Transit and Parking Commuter Benefits
• Short-Term & Long-Term Disability
• Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Care.com annual membership
• Employee Assistance Program
• Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
• Position may be eligible for a discretionary variable incentive bonus