Information Security Officer

Brief Overview of Position:

Strategic Operational Solutions (STOPSO) is seeking candidates for an Information Security Officer role to support a federal client where we are focused on delivering innovative operations and solutions through proven successful methods. This individual is responsible for the planning, execution, and delivery of all program activities supporting the project. The Information Security Officer will ensure STOPSO provides advisory services, operational assistance for Government-managed and licensed components, and the expertise necessary to ensure secure and compliant operations.

Responsibilities:

• Provide security advisory services and operational support to ensure a secure, compliant cloud data platform environment in Microsoft Azure
• Support implementation and enforcement of federal security requirements including FISMA, NIST SP 800-53, FedRAMP, OMB, and DHS guidance
• Lead security architecture and design activities including Zero Trust implementation, RBAC/ABAC access control, encryption, and identity integration
• Oversee Authority to Operate (ATO) processes, including development of security documentation, control assessments, and coordination with Authorizing Officials and OCIO
• Conduct continuous monitoring activities including vulnerability scanning, compliance checks, audit logging, and security metrics reporting
• Identify, assess, and mitigate security risks, including managing POA&Ms, audit findings, and system vulnerabilities
• Ensure proper data protection controls including encryption in transit and at rest, key management, data classification, and privacy compliance for PII/CUI/PHI
• Support incident response activities including detection, reporting, investigation, forensics, and remediation in coordination with FTC CSIRT
• Develop and maintain security documentation including risk assessments, system security plans, POA&Ms, and compliance artifacts
• Provide cybersecurity input to cloud engineering efforts such as identity integration (Entra ID), SIEM integration (Microsoft Sentinel), and secure data pipeline configurations
• Conduct vulnerability assessments, penetration testing coordination, and supply chain risk assessments for cloud services and tools
• Collaborate with program management, engineering, and data teams to ensure security is integrated across all solution components
• Serve as the designated Information System Security Officer (ISSO) and act as a primary point of contact for security-related audits, data calls, and compliance reviews

Minimum Qualifications

• Bachelor's or Master's degree in Cybersecurity, Information Technology, Computer Science, or related field
• Minimum 5 years of experience in information security, including federal cloud security environments of similar scope and complexity
• Proven experience supporting ATO/ATU processes and continuous monitoring in government environments
• Experience securing cloud environments, preferably Microsoft Azure, including identity, networking, and data protection controls
• Hands-on experience with vulnerability management, incident response, and risk assessment processes
• Ability to obtain and maintain a Public Trust clearance and comply with federal security training requirements
• Required Certifications:

• Certified Information Systems Security Professional (CISSP) Certification
• Certified Cloud Security Professional (CCSP) Certification
• CompTIA Cloud+ Certification

Skills and Competencies

• Strong background in network security, threat detection, and vulnerability management
• In-depth knowledge of securing cloud environments (e.g., Microsoft Azure) and services related to big data
• Proficiency in data encryption, masking, anonymization, and data loss prevention
• Specific expertise in securing large-scale data systems
• Proven experience in handling security incidents from detection and analysis to recovery and post-incident reporting
• Deep knowledge of federal cybersecurity frameworks, including NIST SP 800-53, NIST SP 800-207 (Zero Trust), and FedRAMP requirements
• Proficiency in security technologies including SIEM tools (e.g., Microsoft Sentinel), identity and access management (Entra ID), and vulnerability scanning tools
• Experience implementing least privilege access, RBAC/ABAC models, and secure identity federation
• Ability to analyze complex security risks and develop actionable mitigation strategies
• Familiarity with large-scale data systems, analytics platforms, and securing structured/unstructured data environments
• Excellent written and verbal communication skills, including the ability to produce detailed security documentation and reports
• Strong collaboration skills with cross-functional technical teams and government stakeholders
• Ability to manage multiple priorities in a compliance-driven, high-security federal environment

Job Type: Full-time

Work Location: In person. All work performed under this contract shall take place at the following locations:

• Federal Trade Commission Headquarters 600 Pennsylvania Avenue, NW Washington DC 20580
• Federal Trade Commission GAO Building 441 G Street NW Washington DC 20548