Information System Security Officer (TS/SCI Cleared)

Position Overview:
We are seeking a dedicated and detail-oriented Information System Security Officer (ISSO) to ensure the confidentiality, integrity, and availability of our information systems. The ideal candidate will bring at least 5+ years of cybersecurity experience and 2+ years of IT experience, with a deep understanding of security frameworks, risk management, and compliance requirements. TS/SCI clearance required.

Responsibilities:

• Security Program Management:
• Develop, implement, and maintain security policies, standards, and procedures.
• Oversee the security of information systems in compliance with applicable frameworks (e.g., NIST, ISO 27001).
• Conduct security risk assessments and provide mitigation recommendations.
• Compliance and Audit:
• Ensure systems comply with federal, state, and organizational regulations.
• Support and respond to internal and external audits, assessments, and inspections.
• Prepare and maintain security documentation, including System Security Plans (SSPs) and Risk Assessment Reports.
• Monitoring and Incident Response:
• Monitor information systems for potential security threats and vulnerabilities.
• Coordinate responses to security incidents, including investigation, mitigation, and reporting.
• Conduct regular security testing, such as vulnerability scans and penetration tests.
• Collaboration and Training:
• Work closely with IT teams to ensure secure system configurations and updates.
• Provide guidance and training to employees on security best practices and protocols.
• Serve as a liaison between management, IT teams, and regulatory authorities.
• Continuous Improvement:
• Stay updated on emerging cybersecurity threats, technologies, and regulations.
• Recommend and implement improvements to security processes and technologies.