Information System Security Officer (ISSO)

Digital Consultants, LLC•Rockville, MD

1d•$115,000 - $150,000

About The Position

Leading with our people, Digital Consultants’ mission is to deliver the highest level of professional solutions while being a trusted partner and advisor to our customers. With a culture of practicality, opportunity, and creativity, we remain dedicated to being honest, trustworthy, respectful, and ethical in everything we do. We are a certified SBA 8(a) small, disadvantaged business that supports multiple IT customers within the Federal, civilian, and private sectors. Digital Consultants also offers our employees growth opportunities, competitive wages, and a full benefits package. Our founding principles, Fairness and Common Sense, make working here more than a job; it’s the Digital family. Digital Consultants seeks an Information System Security Officer (ISSO) to support the NCATS Cybersecurity Support Services (CSS) contract. The ISSO will support the implementation and management of cybersecurity compliance activities across NCATS information systems and research platforms. The ISSO will work closely with system owners, cybersecurity engineers, and NIH security stakeholders to ensure systems meet federal cybersecurity requirements and maintain Authorization to Operate (ATO) under the NIST Risk Management Framework (RMF).

Requirements

Clearance: Public Trust or ability to obtain a Public Trust Clearance.
Certifications: CAP or CISSP preferred. Security+, CEH, GSEC, SSCP or similar certification required.
Education: Bachelor's Degree in Cybersecurity, Information Assurance, Computer Science, or related field.
Experience: 6–8 years of experience supporting RMF and federal cybersecurity compliance programs.
Experience supporting security authorization packages and continuous monitoring activities.
Experience supporting federal cybersecurity programs implementing NIST security frameworks.
Experience supporting NIST RMF lifecycle implementation.
Knowledge of NIST SP 800-53 security controls and federal cybersecurity compliance requirements.
Experience preparing and maintaining RMF artifacts including SSP, PIA, FIPS-199, and POA&M documentation.
Understanding of FISMA compliance and federal cybersecurity frameworks.
Experience supporting security assessments and audit preparation.
Strong analytical and documentation skills.
Ability to coordinate across technical teams, system owners, and cybersecurity leadership.
Physical Requirements: The candidate must be able to travel to other worksites as required and with or without reasonable accommodation, be able to sit, stand, use computers and monitors, and perform duties in an office environment for extended periods. The candidate must be able to lift up to 40 lbs. on occasion (e.g., moving a case of paper or similar task) that may occur occasionally.

Nice To Haves

Experience supporting NIH, HHS, or federal civilian agencies preferred.

Responsibilities

Support implementation of the NIST Risk Management Framework (RMF) lifecycle across NCATS systems.
Develop and maintain cybersecurity documentation including: System Security Plans (SSP) Privacy Impact Assessments (PIA) FIPS-199 security categorizations Plan of Action and Milestones (POA&M)
Coordinate preparation of security authorization packages supporting ATO decisions.
Support continuous monitoring activities, including documentation updates and security control validation.
Assist in conducting security assessments and audit readiness activities.
Coordinate with NCATS system owners, developers, and cybersecurity personnel to ensure compliance with federal security policies.
Support development of privacy compliance documentation and security risk assessments.
Track remediation of vulnerabilities and compliance findings.
Assist in preparing systems for security control assessments and authorization reviews.
Provide documentation and reporting support for cybersecurity governance and compliance initiatives.