Information Systems Security Officer (ISSO) (R-00023)

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that said outcomes begin and end with our people, and that is what we have built, a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories ("Prosperous and Thriving" ($5MM – $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine’s Top 5000 Fastest Growing Companies.
The Information System Security Officer (ISSO) serves as the principal advisor to the Information System Owner (ISO), Business Process Owner, and the Chief Information Security Officer (CISO) / Information System Security Manager (ISSM) on all matters, technical and otherwise, involving the security of their assigned information system(s).

Job Responsibilities

• Maintaining the overarching operational security posture and managing the day-to-day security operations of your assigned Information System (IS);
• Developing, reviewing, and maintaining security and authorization documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs);
• Performing vulnerability/risk assessment analyses to support assessment and authorization (A&A);
• Ensuring the implementation and maintenance of security controls in accordance with the SSP and the organization's security policies, standards, and procedures;
• Supporting security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
• Providing configuration management (CM) for IS security software, hardware, and firmware, and leading Change Control Board (CCB) meetings; and,
• Providing guidance and security expertise to program leadership.

Qualification Requirements

• Experience with and knowledge of Federal DevSecOps frameworks and processes
• Experience with IS accreditors, policies, and procedures to support Authoriy to Operate (ATO)/Authority to Connect (ATC) decision making and operational practices.
• Experience with RMF, NIST SP 800-53, Security Technical Implementation Guides (STIGs), and/or Security Content Automation Protocol (SCAP) Compliance Checker
• Knowledge of and experience leading the A&A process
• Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
• Experience in preparing detailed SSPs to achieve ATO objectives.
• Knowledge of new and emerging IT and cybersecurity technologies.

Position Requirements

• BA or BS degree in Computer Science or related discipline from an accredited college or university, and/or at least 4 years of experience in related field
• Excellent communication skills, verbal and written, with ability to influence and collaborate with leadership, peers, and team members
• Approved to work in the United States
• Active clearance, or ability and willingness to submit for a clearance/BI process

We’re actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy:
- Competitive salary, paid twice per month- Best in class medical coverage- 100% of medical premiums covered by True Zero- Company wide new business incentive programs- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)- 3 weeks of PTO starting + 11 Paid Holidays Annually- 401k Program with 100% company match on the first 4%- Monthly reimbursement of Cell Phone and Home Internet costs- Paternity/Maternity Leave- Investment in training and certifications to broaden and deepen your technical skills