ISSO

ASRC Federal, Washington, DC
Hybrid

About The Position

ASRC Federal Technology Solutions is looking for an Information Systems Security Officer (ISSO) responsible for ensuring the confidentiality, integrity, and availability of information systems by implementing and maintaining security controls in compliance with organizational policies, federal regulations, and industry standards. The ISSO serves as a key member of the cybersecurity team, overseeing the security posture of assigned systems, conducting risk assessments, and ensuring compliance with frameworks such as NIST, FISMA, and FedRAMP.

Hybrid work schedule (onsite at least 3 days a week, Washington, DC).

Responsibilities:

System Security Management:

  • Develop, implement, and maintain System Security Plans (SSPs) for assigned information systems.
  • Monitor and evaluate system security controls to ensure compliance with organizational and regulatory requirements.
  • Conduct regular security assessments, vulnerability scans, and audits to identify and mitigate risks.

Risk Assessment and Mitigation:

  • Perform risk assessments and develop risk mitigation strategies in accordance with NIST 800-53 or other applicable standards.
  • Coordinate with system owners and stakeholders to address security vulnerabilities and implement corrective actions.
  • Maintain Plan of Actions and Milestones (POA&M) to track and resolve security weaknesses.

Compliance and Reporting:

  • Ensure systems comply with federal regulations (e.g., FISMA, FedRAMP) and organizational policies.
  • Prepare and submit security documentation, including Authorization to Operate (ATO) packages, to authorizing officials.
  • Provide regular reports on system security status, incidents, and compliance to leadership and auditors.

Incident Response and Recovery:

  • Support incident response activities, including identification, containment, and remediation of security incidents.
  • Document and report security incidents in accordance with organizational incident response plans.
  • Participate in tabletop exercises and post-incident reviews to improve security processes.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
  • 10+ years of experience in cybersecurity, information assurance, or a related field.
  • Experience with security frameworks such as NIST 800-53, FISMA, and FedRAMP.
  • Prior experience as an ISSO or in a similar role supporting system security authorization processes.
  • Strong knowledge of cybersecurity principles, risk management, and security controls.
  • Proficiency in security tools (e.g., Nessus, Splunk, or similar).
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work independently and collaboratively in a fast-paced environment.
  • Ability to obtain a DOE Q Clearance.

Nice To Haves

  • Preferred certifications include CISSP, CISM, CompTIA Security+, CAP, or other relevant cybersecurity certifications.
