ISSO
Washington, DC, US
Full Time Senior-level / Expert USD 168K - 173K
ASRC Federal
Achieving successful mission outcomes and elevated performance for federal civilian, defense and intelligence agencies, while building an enduring enterprise focused on customers, employees and shareholders.
ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™.
ASRC Federal is looking for an Information Systems Security Officer (ISSO) responsible for ensuring the confidentiality, integrity, and availability of information systems by implementing and maintaining security controls in compliance with organizational policies, federal regulations, and industry standards. The ISSO serves as a key member of the cybersecurity team, overseeing the security posture of assigned systems, conducting risk assessments, and ensuring compliance with frameworks such as NIST, FISMA, and FedRAMP.
Hybrid work schedule (onsite at least 3 days a week, Washington, DC)
Responsibilities:
• System Security Management:
◦ Develop, implement, and maintain System Security Plans (SSPs) for assigned information systems.
◦ Monitor and evaluate system security controls to ensure compliance with organizational and regulatory requirements.
◦ Conduct regular security assessments, vulnerability scans, and audits to identify and mitigate risks.
• Risk Assessment and Mitigation:
◦ Perform risk assessments and develop risk mitigation strategies in accordance with NIST 800-53 or other applicable standards.
◦ Coordinate with system owners and stakeholders to address security vulnerabilities and implement corrective actions.
◦ Maintain Plan of Actions and Milestones (POA&M) to track and resolve security weaknesses.
• Compliance and Reporting:
◦ Ensure systems comply with federal regulations (e.g., FISMA, FedRAMP) and organizational policies.
◦ Prepare and submit security documentation, including Authorization to Operate (ATO) packages, to authorizing officials.
◦ Provide regular reports on system security status, incidents, and compliance to leadership and auditors.
• Incident Response and Recovery:
◦ Support incident response activities, including identification, containment, and remediation of security incidents.
◦ Document and report security incidents in accordance with organizational incident response plans.
◦ Participate in tabletop exercises and post-incident reviews to improve security processes.
Required Skills:
◦ Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
◦ 10+ years of experience in cybersecurity, information assurance, or a related field.
◦ Experience with security frameworks such as NIST 800-53, FISMA, and FedRAMP.
◦ Prior experience as an ISSO or in a similar role supporting system security authorization processes.
• Certifications:
◦ Preferred certifications include CISSP, CISM, CompTIA Security+, CAP, or other relevant cybersecurity certifications.
• Skills and Abilities:
◦ Strong knowledge of cybersecurity principles, risk management, and security controls.
◦ Proficiency in security tools (e.g., Nessus, Splunk, or similar).
◦ Excellent analytical, problem-solving, and communication skills.
◦ Ability to work independently and collaboratively in a fast-paced environment.
• Clearance: Ability to obtain a DOE Q Clearance
We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.
EEO Statement
ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
Categories:
Compliance Jobs
Leadership Jobs
Tags: Audits CISM CISSP Clearance Compliance CompTIA Computer Science FedRAMP FISMA Incident response Nessus NIST NIST 800-53 POA&M Risk assessment Risk management Security assessment Splunk System Security Plan Vulnerabilities Vulnerability scans
Perks/benefits: Competitive pay Health care Insurance
Region:
North America
Country:
United States