Information System Security Officer (ISSO), Junior
Role details
Job location
Tech stack
Job description
Zen Strategics, a Titan Technologies company, is seeking a Junior Information System Security Officer (ISSO). The Junior ISSO supports the Information System Security Manager (ISSM) in maintaining the security posture of Department of Labor information systems. The Junior ISSO assists with implementing cybersecurity policies, maintaining Risk Management Framework (RMF) documentation, supporting security assessments, and ensuring compliance with federal cybersecurity requirements, including NIST guidance and Department of Labor security policies., * Assist with day-to-day cybersecurity operations for assigned information systems.
- Support implementation of the NIST Risk Management Framework (RMF).
- Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), and supporting authorization documentation.
- Monitor security controls to ensure continued compliance with NIST SP 800-53.
- Participate in continuous monitoring activities and vulnerability management.
- Review security scan results from tools such as ACAS, Nessus, or Tenable and assist with remediation tracking.
- Support annual security control assessments and Authority to Operate (ATO) activities.
- Coordinate with system administrators, network engineers, and application owners to implement security controls.
- Assist in security incident reporting, documentation, and corrective actions.
- Maintain audit evidence supporting FISMA compliance.
- Ensure user access reviews are completed and privileged accounts are monitored.
- Participate in configuration management reviews and evaluate security impacts of system changes.
- Assist with security awareness activities and policy compliance.
Requirements
- 1-3 years of cybersecurity or information assurance experience.
- Basic understanding of:
- NIST RMF
- NIST SP 800-53
- FISMA
- Security Authorization (ATO)
- Continuous Monitoring
- Vulnerability Management
- Experience working with Windows Server and Active Directory environments.
- Strong written communication skills for developing RMF documentation.
- Ability to obtain and maintain a Public Trust or higher security clearance.
It's GREAT if you also have:
- CompTIA Security+
- CAP
- SSCP
- Familiarity with:
- eMASS
- ServiceNow
- Splunk
- Tenable/Nessus
- Microsoft Azure Government
- Microsoft Defender
- Experience supporting federal civilian agencies.
- Strong analytical and problem-solving abilities.
- Ability to work independently and within integrated project teams.
- Excellent communication and customer service skills.
- Knowledge of federal cybersecurity policies and compliance requirements.
- Detail-oriented with strong documentation skills.
Education:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).