Information Systems Security Officer (ISSO)

Cyber Security Innovations
Camp Springs, MD, USA
$125K a year
Full-time
Quick Apply

Cyber Security Innovations (CSI) is seeking an Information Systems Security Officer (ISSO) with experience performing FISMA compliance for the federal government.

The ISSO is responsible for Security Authorization activities for CSI's client in accordance with National Institute of Standards and Technology (NIST) 800 series.

A successful candidate will manage tasks related to the planning and preparation for security documentation related to the system authorization process.

The individual should have extensive knowledge of cloud environments and FedRAMP processes. The individual should have a strong background in NIST 800-37, Risk Management Framework and NIST 800-53 security controls.

Responsibilities Include :

  • Develop and update the information system security documentation (e.g., Security Plan, Contingency Plan, Contingency Plan Test, Business Impact Analysis, FIPS-199, eAuthentication, Privacy Threshold Analysis, etc.)
  • Ensure systems are appropriately patched and hardened.
  • Coordinate the remediation of Plan of Action and Milestones (POA&M) with various groups.
  • Facilitate and support the Ongoing Authorization Program.
  • Effectively communicate technical information to non-technical personnel.
  • Conduct ISSO responsibilities to include the approval of change request, review of audit logs, review of system accounts, and analysis of vulnerability scans.
  • Develop waivers & exceptions for information system vulnerabilities.
  • Work with clients to develop capabilities briefings and presentations.
  • Provide security recommendations to the Risk Management Branch Chief.

Required Skills and Qualifications :

  • Must be a US Citizen able to obtain an agency-specific suitability / public trust clearance prior to starting.
  • Must reside within a commutable distance to our client's location in Camp Springs, MD in order to work a hybrid onsite schedule (1-2 days / week onsite).
  • One or more of the following certifications : CISSP, Security+, ISSAP, CEH, CISM, CISA.
  • Bachelor's degree or higher.
  • 5+ years of experience in the field of information security.
  • Knowledge of security tools, security architecture, and NIST security standards and compliance measurements.
  • Experience in the application of FISMA guidelines including the NIST special publications 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, 800-60, and 800-137.
  • Understanding of the NIST Supplemental guidance for Ongoing Authorization.

Desired Skills and Qualifications :

  • Engineering / architecture experience with systems in the cloud; specifically, AWS, Google, or Azure.
  • Experience with Agile development practices.
  • Ability to develop scripts or dashboards.
  • Experience with CI / CD - Deployment pipeline experience (e.g., Jenkins, Ansible, Terraform).
  • Experience with programming languages (e.g., Python, Java).
  • Experience with container / orchestration tools (e.g., Kubernetes, Docker, Puppet).
  • Possess ability to provide security recommendations during the change management process.
  • Extensive knowledge of Fortify, Twistlock, Nessus, DBProtect, and WebInspect vulnerability scanners.
  • AWS, Azure, Cloud Certification (Preferred).

Cyber Security Innovations (CSI) is an equal opportunity employer committed to diversity and inclusion in the workplace.

We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.

As a veteran-friendly employer, we encourage military veterans to apply.

This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship.

CSI makes hiring decisions based solely on qualifications, merit, and business needs at the time.

CSI participates in the E-Verify Employment Verification Program.

Job Posted by ApplicantPro

1 day ago
Related jobs
Promoted
Cyber Security Innovations
Suitland-Silver Hill, Maryland

Information Systems Security Officer (ISSO). Knowledge of security tools, security architecture, and NIST security standards and compliance measurements. The ISSO is responsible for Security Authorization activities for CSI's client in accordance with National Institute of Standards and Technolo...

Promoted
Leidos Holding
Bowie, Maryland

Certified Authorization Professional (CAP), CompTIA Advanced Security Practitioner (CASP+) CE, Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or Associate, GIAC Security Leadership Certification (GSLC). Information Systems Security Officer ...

Promoted
McIntire Solutions
Bethesda, Maryland

Information Systems Security Officer. Provide support to senior ISSOs for implementing, and enforcing information systems security policies, standards, and methodologies. Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information. P...

Promoted
Insight Global
Suitland-Silver Hill, Maryland

Insight Global is seeking a Senior Information Systems Security Officer to join their team on a long term government program. ISSO, this person will be a part of the Cybersecurity team providing highly classified RMF and ATO package support, including reviewing security scans, packages, and partneri...

Promoted
GSSR Inc
Suitland-Silver Hill, Maryland

We are seeking a highly skilled and experienced Information SystemSecurity Officer (ISSO) to join our team. As an ISSO, you will play a crucialrole in ensuring the security and integrity of our information systems for bothin-house and external customers. Maintain the operational security posture of ...

Cyber Security Innovations
Camp Springs, Maryland

Information Systems Security Officer (ISSO). Knowledge of security tools, security architecture, and NIST security standards and compliance measurements. The ISSO is responsible for Security Authorization activities for CSI's client in accordance with National Institute of Standards and Technology (...

SMX Services & Consulting
Camp Springs, Maryland

Information Systems Security Officer (ISSO). The ISSO will oversee and manage the security requirements and compliance of USCIS's IT systems, ensuring adherence to federal security standards and policies. This role involves proactive risk management, security assessments, and incident response to sa...

Paragon Systems
Capitol Heights, Maryland

Some assignments may patrol assigned site on foot or in vehicle, checks for unsafe conditions such as hazards, unlocked doors, and security violations; protects evidence or scenes of incident in the event of accidents, emergencies, or security investigations; prepares logs or reports as requested. S...

In-Hire
Greater Baltimore-Maryland Area, United States

Validating and verifying system security requirements and establishing system security designs for large-scale systems, major system elements, and interfacing systems that are part of a large complex network environment with geographically distributed components. Identifying and implementing appropr...

ST2 ManTech Advanced Systems Intl
Adelphi, Maryland

Information Systems Security Engineer. The Information Systems Security Engineer (ISSE) responsible for program planning focused on supporting program-level technical meetings and providing TDL Status Reports. They report to the Program Chief Information Security Officer (CISO). They recommend syste...