Information Systems Security Officer (ISSO) (R-00023)
Washington DC
True Zero Technologies
True Zero specializes in creating cybersecurity programs and software solutions that enable agency leaders to run a proactive defense, with better intelligence and more efficient collaboration.The Information System Security Officer (ISSO) serves as the principal advisor to the Information System Owner (ISO), Business Process Owner, and the Chief Information Security Officer (CISO) / Information System Security Manager (ISSM) on all matters, technical and otherwise, involving the security of their assigned information system(s).
Job Responsibilities
- Maintaining the overarching operational security posture and managing the day-to-day security operations of your assigned Information System (IS);
- Developing, reviewing, and maintaining security and authorization documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs);
- Performing vulnerability/risk assessment analyses to support assessment and authorization (A&A);
- Ensuring the implementation and maintenance of security controls in accordance with the SSP and the organization's security policies, standards, and procedures;
- Supporting security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
- Providing configuration management (CM) for IS security software, hardware, and firmware, and leading Change Control Board (CCB) meetings; and,
- Providing guidance and security expertise to program leadership.
Qualification Requirements
- Experience with and knowledge of Federal DevSecOps frameworks and processes
- Experience with IS accreditors, policies, and procedures to support Authoriy to Operate (ATO)/Authority to Connect (ATC) decision making and operational practices.
- Experience with RMF, NIST SP 800-53, Security Technical Implementation Guides (STIGs), and/or Security Content Automation Protocol (SCAP) Compliance Checker
- Knowledge of and experience leading the A&A process
- Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Experience in preparing detailed SSPs to achieve ATO objectives.
- Knowledge of new and emerging IT and cybersecurity technologies.
Position Requirements
- BA or BS degree in Computer Science or related discipline from an accredited college or university, and/or at least 4 years of experience in related field
- Excellent communication skills, verbal and written, with ability to influence and collaborate with leadership, peers, and team members
- Approved to work in the United States
- Active clearance, or ability and willingness to submit for a clearance/BI process
- Competitive salary, paid twice per month- Best in class medical coverage- 100% of medical premiums covered by True Zero- Company wide new business incentive programs- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)- 3 weeks of PTO starting + 11 Paid Holidays Annually- 401k Program with 100% company match on the first 4%- Monthly reimbursement of Cell Phone and Home Internet costs- Paternity/Maternity Leave- Investment in training and certifications to broaden and deepen your technical skills
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Business Intelligence C CISO Clearance Compliance Computer Science DevSecOps Encryption Firewalls NIST NIST 800-53 Risk assessment Risk Assessment Report Risk management RMF SCAP SRTM STIGs System Security Plan
Perks/benefits: 401(k) matching Competitive pay Health care Medical leave
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.