Senior Information System Security Officer (ISSO)
Job description
- Support the maintenance of security documentation and support system ATO and ATT efforts.
- Conduct security control assessments and provide recommendations for remediation.
- Perform biweekly audit log and vulnerability scan reviews and track POA&M items.
- Collaborate with system owners and technical teams to manage risk and respond to incidents.
- Support Ongoing Authorization (OA) and continuous monitoring activities.
- Prepare and brief senior leadership on system security posture and compliance metrics.
- Ensure alignment with cybersecurity policies and NIST SP 800-53, 800-37, and 800-137.
Requirements
- Education: Bachelor's degree in Cybersecurity, Information Technology, or a related field.
- Experience: 6 years
- Required Skills/Certs:
  - Minimum of six (6) years of hands-on experience in cybersecurity, with at least three (3) years supporting and maintaining system authorizations for complex systems (e.g., cloud, mission-critical, high-impact, or High Value Asset systems).
  - Demonstrated expertise in the Risk Management Framework (RMF), NIST SP 800-53 Rev 5, and related federal cybersecurity policies.
  - Extensive experience managing ATO/ATT processes, security control assessments, POA&M lifecycle, vulnerability management, and audit response.
  - Strong leadership experience mentoring junior and mid-level ISSOs and interfacing with senior government leadership.
  - Must possess at least two of the following active certifications:
    - Certified Information Systems Security Professional (CISSP)
    - Certified Information Security Manager (CISM)
    - Certified Governance, Risk and Compliance (CGRC)
    - Certified in Risk and Information Systems Control (CRISC)
    - Information Systems Security Management Professional (ISSMP)
    - Certified Information Systems Auditor (CISA)
    - Certified Cloud Security Professional (CCSP)
    - Certified Ethical Hacker (CEH)
    - CompTIA Security+
  - Proficiency in tools such as JCAM, Tenable Nessus, and Splunk.
  - Ability to develop, review, and present high-level security documentation and briefings.
  - Strong understanding of cloud platforms (IaaS, PaaS, SaaS), supply chain risk management, and incident response procedures.
- Required Clearance: Ability to obtain Public Trust clearance; Secret clearance strongly preferred.
Preferred Qualifications:
- Familiarity with AI concepts, including how AI tools may impact cybersecurity, privacy, and compliance
Benefits & conditions
- Generous cost sharing for medical insurance for the employee and dependents
- 100% company paid dental insurance for employees and dependents
- 100% company paid long-term and short-term disability insurance
- 100% company paid vision insurance for employees and dependents
- 401k plan with generous match and 100% immediate vesting
- Competitive Pay
- Generous paid leave and holiday package
- Tuition and training reimbursement
- Life and AD&D Insurance