HUD - Sr. ISSO

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, IT, or related field.
• 7+ years of cybersecurity experience with A&A / RMF.
• Experience with FedRAMP and cloud authorization processes.
• Strong knowledge of NIST SP 800-53, 800-37, and federal compliance frameworks.
• Experience developing security documentation and artifacts.
• Familiarity with POA&M management and risk analysis.

Responsibilities

• Support Assessment & Authorization (A&A) activities for cloud and on-prem systems.
• Develop and maintain A&A artifacts including SSPs, POA&Ms, SARs, Contingency Plans, and Risk Acceptance documentation.
• Assist in leveraging FedRAMP packages and defining inherited vs. customer controls.
• Coordinate with system owners, ISSOs, IAMs, and stakeholders on system security posture.
• Conduct security control assessments and evaluate implementation effectiveness.
• Support up to 10 system authorizations annually.
• Prepare Platform Authorization Status Reports and SA&A progress reports.
• Review accreditation packages annually for compliance and risk mitigation.
• Support risk acceptance processes and documentation.
• Participate in A&A meetings, working groups, and maintain meeting minutes.
• Develop SOPs for accreditation and authorization processes.
• Ensure compliance with NIST RMF, OMB, FISMA, and federal security mandates.