Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

ISSO

Trinity Enterprise Services, LLC

Information Security Security Specialist Officer (ISSO)

The ISSO conducts security and risk assessments as required using a range of security accreditation frameworks (e.g., NIST, RMF, Common Criteria, DoD, the Intelligence Community Directives (ICDs)), and works to mitigate risks by applying security controls effectively to achieve an acceptable degree of operational risk. As part of this process, the ISSO performs testing and security assessments to sustain required accreditations. The ISSO promotes the use of secure hardware and software within the systems affected by government and corporate approval standards. The ISSO works to ensure all required security policies and practices are effectively applied to systems and ensures security controls implementing these policies are applied and achieve the proper levels of confidentiality, integrity, availability, and privacy protection throughout the system life cycle. The ISSO also assists with the execution, analysis, and remediation activities for the vulnerability management program (scanning, assessment, reporting, and mitigation verification) that spans different accreditation entities, three distinct classification domain enclaves (U), (S) and (TS), using the Nessus and Tenable-ACAS vulnerability scanning tools.

Primary Responsibilities:

  • Develops risk mitigation strategies that contribute to the effectiveness, efficiencies, and performance outcomes for strategic projects, program goals, and business processes.
  • Must be able to quickly respond to the needs for updates and maintenance of security documentation, especially System Security Plans, Plans of Actions and Milestones (POA&Ms); Security Impact Assessment for proposed system changes, and Concept of Operations that identify and explain how each system satisfies its assigned security control baselines.
  • Maintains system security plans and related configuration records in customer Service+ (ServiceNow), XACTA-360 platform, and Leidos- CIO security tools.
  • Drives necessary security changes through steering groups and control (review) boards to meet Risk Management milestones.
  • Can work independently as well as collaboratively to drive security process improvements, especially to address gaps in meeting customer or Leidos security requirements and meet due diligence responsibilities.
  • Provides guidance and engages the program lab team to implement secure software and hardware processes, apply government security standards, and commercial best security practices.
  • Resolves highly complex security problems by applying technical knowledge, conceptualizing, reasoning, and interpretation of requirements.
  • Communicating with Leidos and NGA leadership (internally or client) regarding matters of significant importance to the organization/project.
  • Apply in-depth understanding of information security technical principles, theories, concepts, and their application across a range of programs.
  • Develop and maintain security documentation per NGA/IC/DoD- DISA/NIST/Industry standards and policies.
  • Initiate and coordinate all Assessment and Authorization (A&A) and renewal activities working with the NGA Designated Authorization Officials (DAO or DAOR).
  • Address any Information Assurance or Cybersecurity notices, orders, tasking, or directives as required following the NGA operations vulnerability and patch management processes.
  • Measure effectiveness of defense-in-depth architecture and Zero Trust policy implementations against known vulnerabilities.
  • Perform security audits and assessments, including creating, tracking, and assisting in remediation of Plan of Action and Milestones (POA&Ms).
  • Coordinate with System Administrators and others to remediate all vulnerabilities and report results.
  • Track open vulnerabilities and obtain and document approvals while managing POA&M status.
  • Update Security CONOPS and Information Technology Disaster Recovery (ITDR) plans for each Security Plan.
  • Manage security profiles and implementation for systems and services scheduled for Assessment and Authorization (A&A).
  • Work with the Systems Engineers and Administrators, Senior ISSO, ISSMs, Lab Team, and Leidos Corporate Security as required to develop and maintain security plans and associated documentation.
  • Maintain records and documentation on program IT systems, upgrades, patches, and connectivity configurations.
  • Evaluate security solutions and implementation strategies for program IT systems and services and maintains operational security posture of development, integration, and deployed capabilities.
  • Provide training and approve user access and IAA (identification, authorization, and authentication) mechanisms for information systems.

Basic Qualifications:

US citizenship is required per contract. BS degree and 8 to 12 years of prior relevant experience to operate within the scope of responsibilities. Active TS-SCI clearance with Polygraph NGA experience desired. Experience that demonstrates an understanding and application of the ICD-503 and NIST risk management framework. Experience desired with the following systems/platforms/tools: XACTA; XACTA 360 (preferred); HBSS; ACAS; Nessus, SPLUNK.

Preferred Qualifications: Has 3+ years of experience operating, analyzing, and resolving vulnerability scan results using tools such as Nessus, Tenable Security Center, or a comparable commercial or GOTs product. Active Certified Information Systems Security Professional (CISSP) certification or ISACA Certified Information Security Manager (CISM) certification. Intelligence Community experience preferred.

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the ISSO in Gaithersburg, MD vacancy
  • Job Overview Systems Engineering Services is seeking an ISSO Assessor based in the Rockville, MD area. This position requires work in office and is a hybrid role (3 days in office / 2 days remote) with a Public Trust clearance requirement. Key Responsibilities Conduct... 
    Suggested
    Work at office
    Remote work

    Secretaria de Serviços Prefeitura de São Paulo

    Rockville, MD
    4 days ago
  •  ...ll own Lynk’s cybersecurity compliance program across CMMC Level 2 / NIST SP 800-171, DFARS 7012, SOC 2 Type II, and GDPR. You’ll be ISSO for CUI-scoped systems: authoring SSPs, maintaining POA&Ms, running control assessments, and leading C3PAO engagement. Lynk has a... 
    Suggested
    Permanent employment
    Full time
    Contract work
    Remote work

    Lynk Inc

    Chevy Chase, MD
    3 days ago
  • $110k - $130k

     ...consistently deliver high‑impact, adaptive solutions that resonate with the unique needs of the public sector. Job Overview The RMF / ISSO Lead serves as the leader for the Risk Management Framework (RMF) program and Authority to Operate (ATO) lifecycle under the... 
    Suggested
    Full time
    Work at office
    Monday to Friday

    Development InfoStructure

    Bethesda, MD
    5 days ago
  • $86.8k - $198k

    ISSO Security Analyst The Opportunity: As a security analyst on our team, you’ll use your experience to work with Veterans Affairs (VA) Information System Owners (ISO), Information System Security Officers (ISSO), site managers, and other system stakeholders to coordinate... 
    Suggested
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    McLean, VA
    20 hours ago
  • Secretaria de Serviços Prefeitura de São Paulo is seeking an ISSO Assessor in Rockville, MD. This hybrid position requires 3 days in the office and involves conducting security assessments in accordance with NIST standards and providing recommendations to improve security... 
    Suggested
    Work at office

    Secretaria de Serviços Prefeitura de São Paulo

    Rockville, MD
    4 days ago
  • $110k - $130k

    Development InfoStructure is seeking a RMF / ISSO Lead to manage the Risk Management Framework lifecycle at NIH/OD IT. The role includes guiding risk management processes, ensuring compliance with NIST standards, producing necessary documentation, and supporting audits... 
    Full time

    Development InfoStructure

    Bethesda, MD
    4 days ago
  • cFocus Software seeks a Information Systems Security Officer (ISSO) to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance. Qualifications... 
    Full time
    Remote work

    cFocus Software Incorporated

    Bethesda, MD
    12 days ago
  • Lynk, located in Chevy Chase, MD, is seeking a Senior Compliance Engineer to manage cybersecurity compliance programs aligned with CMMC Level 2, NIST SP 800-171, and other regulations. You will report directly to the CISO, focusing on aligning security tools with compliance...
    Remote work

    Lynk

    Chevy Chase, MD
    3 days ago
  •  ...Job Description Job Description ISSO Employment Type: Full-Time, Experienced  Department: Information Technology  CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation... 
    Full time
    Local area
    Flexible hours

    Contact Government Services, LLC

    Rockville, MD
    8 days ago
  •  ...1(k) ~401(k) matching ~ Health insurance ~ Paid time off Stealth Solutions is seeking a knowledgeable and detail-oriented ISSO to support security compliance, risk management, and authorization activities for Salesforce and cloud-based federal systems. The ISSO... 
    Work from home
    Flexible hours

    Stealth Solutions, Inc.

    Sterling, VA
    26 days ago
  •  ...make meaningful contributions to challenging projects and grow a rewarding career. At GDIT, people are our differentiator. As an ISSO​, you will help ensure today is safe and tomorrow is smarter. Our work depends on an ISSO joining our highly skilled team to be a... 

    General Dynamics Information Technology

    McLean, VA
    15 days ago
  • $117.3k - $145.1k

     ...us to drive positive, lasting change that moves missions and the government forward! As an Information Systems Security Officer (ISSO), you'll be responsible for guiding government clients through the intricate process of obtaining and maintaining ATO... 
    Live in
    Work at office
    Local area

    Accenture

    McLean, VA
    2 days ago
  • A dedicated government contracting firm in Rockville, MD is seeking an Information Assurance/Security Specialist – Level II. You will ensure compliance with DoD cybersecurity policies while leading security incident investigations and preparing vulnerability reports. The...

    Systems Plus (Maryland)

    Rockville, MD
    4 days ago
  •  ...Defense Counterintelligence and ~ Certified Information Systems Security Professional (CISSP) ~ Information Systems Security Officer (ISSO) ~ Relevant experience with IT service, cybersecurity, and/or Program Security ~ Ability to work closely with government... 
    Work experience placement
    Work at office
    Immediate start
    Remote work
    Flexible hours

    GuidePoint Security

    Sterling, VA
    more than 2 months ago
  • $140k - $160k

    Job Title AMERICAN SYSTEMS is an employee-owned federal government contractor supporting national priority programs through our strategic solutions in the areas of Information Technology, Test & Evaluation, Program Mission Support, Engineering & Analysis, and Training...
    For contractors

    American Systems

    McLean, VA
    4 days ago
  • $160k - $180k

     ...Lead a multidisciplinary cybersecurity team spanning SOC/incident response, security engineering, vulnerability management, and RMF/ISSO support Coordinate teammate and subcontractor personnel and ensure flow‑down of all security, personnel, and reporting requirements... 
    Full time
    Contract work
    For contractors
    For subcontractor
    Work at office
    Remote work
    Monday to Friday

    Development InfoStructure

    Bethesda, MD
    5 days ago
  •  ...response, security architecture, vulnerability management, penetration testing, RMF support, security policy, training and awareness, and ISSO/system owner support. Ensure program activities align with applicable federal cybersecurity requirements, including FISMA, NIST SP... 
    Contract work
    For contractors

    Cyberdata Technologies, Inc.

    Bethesda, MD
    2 days ago
  • $38 - $42 per hour

     ...vulnerability scanning and assessment tools necessary to identify and document compliance Capable of providing thoughtful feedback to the ISO, ISSO and other VA Cyber Security leadership to identify risks, communicate recommended courses of action, and recommend process... 
    Long term contract
    Contract work
    Remote work

    Razor USA

    Rockville, MD
    2 days ago
  •  ...to join our security compliance team. In this role, you will work closely with the customer’s Information Systems Security Officer (ISSO) and play a critical part in safeguarding NLM’s IT infrastructure. The role focuses on implementing security controls, ensuring compliance... 
    Work experience placement
    3 days per week

    Futrend Technology

    Bethesda, MD
    3 days ago
  •  ...Science, Information Technology, or a related field 2+ years supporting federal cybersecurity programs, RMF, governance, compliance, or ISSO activities. Preferred certifications include Security+, CAP, CISSP, CISM, PMP, or equivalent. Knowledge of NIST RMF, NIST SP 800-5... 
    Contract work
    Work at office
    Remote work

    cFocus Software Incorporated

    Bethesda, MD
    1 day ago
  •  ...Equipment Custodian (ITEC), Unit Software License Manager (USLM), Client System Administrator (CSA), Installation Systems Security Officer (ISSO), and Cybersecurity Liaison (CL) annual training requirements. Maintain several RAID servers for file storage and data backup... 
    Full time

    Client Solution Architects

    Mc Lean, VA
    18 hours ago
  •  ...security architecture and Zero Trust, vulnerability management, penetration testing, RMF/A&A, CDM, security policy and training, and ISSO support — on a firm-fixed-price basis. Directly accountable for a 30-calendar-day Transition-In with zero degradation of... 
    Price work
    Contract work
    For contractors
    For subcontractor
    Work at office
    Remote work
    Monday to Friday
    Shift work

    Innosoft Corporation

    Bethesda, MD
    4 days ago
  •  ...Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer (ISSO) and play a critical part in safeguarding organization’s IT infrastructure. You will be part of a broader IT program that provides end... 
    Work experience placement
    3 days per week

    Aac-Inc

    Bethesda, MD
    3 days ago
  • $160k - $180k

     ...clustering, encryption, and monitoring Apply security patches and vulnerability remediations against agency scan policy templates and ISSO security mandates Support FISMA security assessment and authorization activities as they relate to SQL Server and MySQL database... 
    Full time
    Contract work
    Local area
    Flexible hours
    Night shift

    Sikich

    Bethesda, MD
    2 days ago
  •  ...actions. Coordinate activities across cybersecurity operations, engineering, RMF, incident response, vulnerability management, and ISSO teams. Develop Program Management Plans, Task Order Management Plans, Risk Registers, and executive reporting. Produce... 
    Contract work
    Work at office

    Omniscius Consulting

    Bethesda, MD
    3 days ago
  • $124.09k - $166.75k

     ...management principles. Progressive experience in information assurance and cybersecurity roles. Direct, hands‑on experience as an ISSO or ISSM, with a proven track record of successfully supporting ATO for classified systems under ICD 503 policies. Extensive, hands‑... 
    Full time
    Contract work
    Temporary work
    Flexible hours

    General Dynamics Information Technology

    Mc Lean, VA
    4 days ago
  • $95k - $120k

     ...posture. This role works within the Information Assurance Team and collaborates closely with the Information Systems Security Officer (ISSO) to perform security operations, compliance monitoring, risk management, and incident response support aligned with federal... 
    Contract work
    Temporary work
    Work at office
    Local area

    JCS Solutions LLC

    Bethesda, MD
    18 days ago
  •  ...~7+ years of progressively responsible experience supporting Federal cybersecurity programs. ~5+ years serving as an ISSM, Senior ISSO, Security Manager, or equivalent cybersecurity leadership role. ~ Demonstrated experience managing multiple federal information systems... 
    Full time
    Remote work

    cFocus Software Incorporated

    Bethesda, MD
    12 days ago
  •  ...applicant should demonstrate knowledge and experience in organization processes and procedures specific to PMI, ITIL, CISSP, SDLC, Agile, ISSO, Six Sigma, and CMMI. The applicant will also be tasked with collecting information for strategic business mission planning and IT... 
    Full time
    For subcontractor
    Remote work
    Flexible hours

    Contact Government Services, LLC

    Rockville, MD
    a month ago
  •  ...Description Secure IT Service Management, a division of Paragone Solutions, Inc., is seeking an Information Systems Security Officer (ISSO) to join our team in a remote, temp-to-perm position. The ideal candidate will have extensive knowledge and expertise with Microsoft... 
    Permanent employment
    Temporary work
    For contractors
    Work at office
    Remote work

    Paragone Solutions, Inc.

    McLean, VA
    17 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to ISSO. Be the first to apply!