Information Systems Security Officer [Remote]

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Information Systems Security Officer based in the United States.

This role sits at the core of federal cloud security operations, ensuring that highly regulated environments meet strict compliance, risk, and authorization standards. You will be responsible for maintaining and enhancing security posture across government-facing systems while supporting the full Authorization to Operate (ATO) lifecycle. The position blends deep technical security expertise with governance, risk, and compliance (GRC) leadership, including continuous monitoring, audit readiness, and control enforcement. You will also contribute to the design and automation of security processes in cloud environments, helping reduce manual effort while improving visibility and resilience. This is a highly technical and mission-critical role operating at the intersection of cybersecurity, cloud architecture, and federal compliance frameworks. It offers the opportunity to directly impact the security and reliability of systems supporting government operations at scale.

Accountabilities:

• Manage and support the full Authorization to Operate (ATO) lifecycle, including documentation, assessments, and continuous authorization activities.
• Design, implement, and maintain Continuous Monitoring (ConMon) programs, including automated scanning, reporting, and remediation workflows.
• Serve as the primary security point of contact for federal compliance, audits, and external assessment organizations (3PAO).
• Develop and maintain System Security Plans (SSPs), security documentation, and compliance artifacts aligned with FedRAMP, FISMA, and NIST standards.
• Oversee vulnerability management, risk analysis, POA&M tracking, and remediation validation across cloud environments.
• Lead security control implementation and ensure alignment with federal frameworks such as NIST SP 800-53 and RMF.
• Manage change control processes, including security impact assessments and approval workflows for system modifications.
• Support incident response, disaster recovery, and business continuity planning, including coordination and post-incident analysis.
• Conduct access control audits and enforce least privilege principles through regular entitlement reviews.
• Collaborate with engineering teams to support secure cloud architecture and DevSecOps practices in regulated environments.

Requirements:

• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related technical field (or equivalent experience).
• Active DoD 8140/8570 IAM Level II certification (e.g., CISSP, CISM, CASP+, or equivalent).
• Strong knowledge of federal security frameworks including FedRAMP, FISMA, RMF, and NIST SP 800-53.
• Proven experience managing ATO processes and supporting federal audits or 3PAO assessments.
• Hands-on experience with cloud security environments (e.g., AWS GovCloud or similar regulated platforms).
• Strong understanding of vulnerability management, SIEM tools, and enterprise security operations.
• Experience developing security documentation, architecture diagrams, and compliance artifacts.
• Strong analytical and problem-solving skills with the ability to operate in highly regulated environments.
• Excellent written and verbal communication skills for audit, governance, and stakeholder coordination.
• Familiarity with automation or scripting (e.g., Python, JavaScript, or similar) is a plus.

Benefits:

• Competitive salary range of $125,000 – $180,000 annually.
• Eligibility for performance bonuses and equity grants.
• Comprehensive health, dental, vision, and mental health coverage.
• Paid time off, parental leave, and flexible vacation policies.
• Strong focus on professional development and cybersecurity certifications.
• Remote flexibility within the United States.
• Inclusive, mission-driven culture with strong emphasis on security excellence and innovation.

How Jobgether works:

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

#LI-CL1

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.