Information Security Officer

IDM Group, LLC
Los Angeles, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
$ 150K

Job location

Los Angeles, United States of America

Tech stack

Amazon Web Services (AWS)
Azure
Cloud Computing Security
CompTIA Security+
Computer Security
Data Security
Information Security Management
IT Management
Network Security
Software Vulnerability Management
Google Cloud Platform
Software Security
RSA Archer Platform
ServiceNow
Vulnerability Analysis

Job description

We are seeking a qualified Information System Security Officer (ISSO) to support cybersecurity, compliance, risk management, system authorization, and continuous monitoring activities for an enterprise IT environment. The selected candidate will work closely with cybersecurity leadership, IT teams, auditors, system owners, and business stakeholders to help strengthen the organization's security posture and maintain compliance with applicable security standards and regulatory requirements., * Support Risk Management Framework (RMF) processes and the system authorization lifecycle.

  • Create and maintain system security baselines using NIST 800-53 security controls.
  • Develop, review, and maintain security documentation, including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), policies, procedures, and related compliance documentation.
  • Perform security control assessments, validation activities, and compliance reviews.
  • Support governance, risk, and compliance activities using GRC platforms such as ServiceNow GRC.
  • Ensure alignment with applicable cybersecurity frameworks and standards, including NIST, ISO 27001, PCI, TSA, and other regulatory requirements.
  • Conduct vulnerability assessments and track remediation activities through the risk registry.
  • Work with system owners and technical teams to identify, document, assess, and mitigate security risks.
  • Monitor systems for compliance with approved security baselines, policies, and procedures.
  • Support audit readiness activities and assist with responses to audit findings.
  • Coordinate with appropriate teams on incident response activities and ensure proper reporting and documentation.
  • Provide security guidance, awareness, and recommendations to technical and non-technical stakeholders.
  • Prepare regular status updates, risk reports, compliance summaries, and documentation for management review.
  • Collaborate with cross-functional teams to improve cybersecurity controls, processes, and overall security posture.

Requirements

  • Proven experience as an Information System Security Officer, cybersecurity compliance analyst, security assessor, or similar cybersecurity role.
  • Strong knowledge of NIST Risk Management Framework, NIST Cybersecurity Framework, NIST 800-53, and related standards.
  • Experience with security compliance frameworks, including NIST CSF 2.0, NIST 800-53, and NIST SP 800-161.
  • Experience developing and maintaining SSPs, POA&Ms, security policies, procedures, risk registers, and audit documentation.
  • Familiarity with vulnerability management tools, security assessments, remediation tracking, and risk reporting.
  • Strong understanding of network security, application security, data security, and enterprise IT security principles.
  • Ability to communicate effectively with technical teams, business stakeholders, auditors, and leadership.
  • Strong analytical, documentation, organizational, and problem-solving skills.
  • Ability to work onsite and support a 1-year engagement.

Preferred Qualifications

  • Experience with ServiceNow GRC or similar GRC platforms.
  • Knowledge of cloud security concepts and environments such as Azure, AWS, or Google Cloud Platform.
  • Relevant cybersecurity certifications such as CISSP, CISM, CISA, Security+, or similar.
  • Prior experience supporting enterprise, government, transportation, aviation, or highly regulated environments., The ideal candidate is detail-oriented, documentation-focused, and experienced in cybersecurity compliance, risk management, and security authorization processes. This person should be comfortable working across technical and non-technical teams, supporting audit readiness, tracking security risks, and helping maintain compliance with established cybersecurity frameworks.

Benefits & conditions

Compensation will be based on experience, qualifications, and availability.

Pay: From $72.00 per hour

Apply for this position