ISSO / Control Evaluator - Sr
cFocus Software Incorporated
ISSO / Control Evaluator – Senior Position Title: ISSO / Control Evaluator – Senior Opportunity: SBA Enterprise Cybersecurity Services (ECS) Position Overview The ISSO / Control Evaluator – Senior shall provide cybersecurity governance, Risk Management Framework (RMF), continuous monitoring, and security controls assessment support services for the U.S. Small Business Administration (SBA) Enterprise Cybersecurity Services (ECS) program. Key Responsibilities Serve as the senior ISSO and security compliance advisor for assigned SBA systems, applications, services, and cloud environments. Provide leadership and technical oversight for RMF assessment, authorization, and continuous monitoring activities in accordance with NIST SP 800-37 Rev. 2. Conduct and oversee testing and validation of NIST SP 800-53 Rev. 5 security and privacy controls in accordance with NIST SP 800-53A assessment procedures. Develop, review, update, and maintain cybersecurity and privacy documentation including SSPs, CMPs, ISCPs, ISCP Test Reports, ERAs, POA&Ms, and architecture diagrams. Support SBA Ongoing Authorization (OA) activities including development and execution of OA Playbooks, positive testing, and negative testing methodologies. Document Determine If Statements (DISs), assessment evidence, and technical findings to demonstrate security control effectiveness. Develop Security Assessment Plans (SAPs), Security Assessment Reports (SARs), Annual Assessment Reports (AARs), and remediation recommendations. Coordinate vulnerability management activities including validation of remediation actions, mapping vulnerabilities to NIST controls, and tracking POA&Ms closure activities. Support FISMA reporting, cybersecurity metrics collection, dashboard reporting, and Governance Risk and Compliance (GRC) tool updates. Provide audit support for IG, GAO, FISMA, and internal assessments by coordinating artifact collection, walkthroughs, and audit response activities. Support High Value Asset (HVA) assessment activities and FedRAMP Continuous Monitoring (CONMON) management activities. Review system architectures, network topologies, cloud environments, and security configurations to identify cybersecurity risks and compliance gaps. Participate in SBA Enterprise Change Control Board (ECCB) activities and cybersecurity governance reviews. Provide technical guidance to system owners, ISSMs, engineers, administrators, and program stakeholders regarding cybersecurity compliance and remediation strategies. Ensure all deliverables are peer reviewed, aligned with SBA implementation procedures, Section 508 compliant, and submitted within required timelines. Support enterprise cybersecurity continuous monitoring, risk analysis, and automation/visualization initiatives. Required Qualifications Bachelor’s degree in Cybersecurity, Information Assurance, Information Technology, Computer Science, Engineering, or related discipline. Minimum of eight (8) years of experience supporting federal cybersecurity, RMF, ISSO, or information assurance activities. Minimum of five (5) years of experience conducting security controls assessments, compliance evaluations, or continuous monitoring activities for federal systems. Extensive knowledge of NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, NIST SP 800-37 Rev. 2, FISMA, and OMB cybersecurity guidance. Experience supporting ongoing authorization (OA), continuous monitoring, and cybersecurity governance activities. Experience developing and maintaining cybersecurity documentation including SSPs, SARs, SAPs, AARs, POA&Ms, and related RMF artifacts. Experience supporting cloud security assessments and FedRAMP environments including AWS, Azure, Microsoft 365, and SaaS platforms. Experience supporting federal cybersecurity audits including IG, GAO, and FISMA reviews. Strong analytical, technical writing, communication, and stakeholder engagement skills. Experience using Governance Risk and Compliance (GRC) platforms and cybersecurity assessment tools. Relevant certifications such as CISSP, CAP, CISA, Security+, GSLC, or equivalent preferred. Ability to obtain and maintain a Moderate Risk background investigation and eligibility for higher-level clearances if required. Desired Experience Experience supporting civilian federal agencies including SBA, DHS, or CISA. Experience supporting Zero Trust Architecture initiatives and FedRAMP CONMON activities. Experience coordinating penetration testing or vulnerability assessment remediation activities. Experience supporting enterprise cybersecurity dashboards, automation, and visualization reporting. #J-18808-Ljbffr cFocus Software Incorporated
- ...ISSO / Control Evaluator – Senior Position Title: ISSO / Control Evaluator – Senior Opportunity: SBA Enterprise Cybersecurity Services (ECS) Position Overview The ISSO / Control Evaluator – Senior shall provide cybersecurity governance, Risk Management Framework...Senior
cFocus Software Incorporated
Washington DC2 days ago - cFocus Software Incorporated in Washington, DC is seeking a Senior ISSO / Control Evaluator to provide cybersecurity governance and risk management support for the U.S. Small Business Administration's Enterprise Cybersecurity Services. This role involves oversight of security...Senior
- ...Description Centurion is currently seeking a Sr. Security Specialist (Information System... ...security risks and attend to the Change Control Boards. Respond to current and emerging... ...and assist in duties articulated in the ISSO checklist (i.e. classified spill cleanup,...Senior
Centurion Consulting Group, LLC
Washington DC1 day ago - 4353 Sr. ISSO 4353 | Job Description: OVERVIEW: We are seeking a Senior... ...-based systems. Performing security control assessments to include collecting... ...documents that they are responsible for evaluating. Ability to provide subject matter expert...SeniorWork at office
Procession Systems
Washington DC2 days ago - ...What You Will Do: Guidehouse is looking for an experienced professional with experience assessing and advising on privacy controls of information systems for federal organizations. Personnel assigned to this role will support the security and privacy compliance...SuggestedTemporary workFlexible hours
Guidehouse
Arlington, VA3 days ago - ...looking for a Senior Information Systems Security Officer (ISSO) to support a critical U.S. government agency in the National Capital... ...information systems by implementing and managing security controls aligned with federal cybersecurity frameworks, including the NIST...SeniorFor contractorsWork at office
Summit Technologies
Washington DC4 days ago - ...Sr. Information Systems Security Officer (ISSO) Category: Analytics and Emerging Digital Technologies Main location: United States, District... ...cross-functional teams to implement advanced security controls, lead audits, and drive strategic risk management across...SeniorFull timeLocal area
CGI
Washington DC2 days ago $135k - $216k
...Sr Information Systems Security Officer Peraton is seeking a Sr Information Systems... ...Publication (SP) 800-53: Recommended Security Controls for Federal Information Systems, NIST SP 8... ...an Information Systems Security Officer (ISSO) or Information System Security Engineer...SeniorContract workWork experience placementShift workPeraton
Washington DC4 hours ago- ...Senior Information System Security Officer (SR ISSO) Coalfire Federal is a market leading... ..., continuous monitoring, and security control implementation aligned with standards... ...Ensure that new vulnerabilities are evaluated by the respective subject matter expert...SeniorWork experience placementLocal areaFlexible hours3 days per week
Coalfire Federal
Washington DC3 days ago $114.6k - $192.5k
...skilled Information Systems Security Officer (ISSO) - Sr (Cloud) to support a mission-critical... ...including SSPs, POA&Ms, security control assessments, and related artifacts Coordinate... ...Conduct security assessments and evaluate system configurations against security baselines...SeniorContract workWork experience placementH1bSMX Corporation
Washington DC9 hours ago- ...highly experienced Senior Information System Security Officer (ISSO) to support a major federal initiative. The ISSO will provide technical... ...and audits, ensuring adherence to federal requirements and NIST controls. This role is vital for those looking to lead cybersecurity...Senior
$59.82k - $101.84k
...About the Job General Summary of Position Under the direction of the Sr. Supply Chain Manager the senior inventory control coordinator establishes monitors and controls warehouse inventory levels. Interfaces with Information Systems and provides PC and ERP systems...SeniorMedStar Health
Washington DC4 days ago- ...cybersecurity service provider is seeking an Information System Security Officer (ISSO) in Alexandria, Virginia. The ISSO will manage cybersecurity compliance, oversight of security controls, and continuous monitoring activities to ensure systems meet defense...Senior
- ...Senior Information Systems Security Officer (ISSO) Location: Annapolis, MD / Reston, VA / Washington, DC Work Model: 100% Onsite... ...efforts across programs • Implement and validate NIST 800-53 security controls • Support audits and security assessment events Technical &...SeniorFull time
Veracity
Washington DC3 days ago - ...Trade Commission is seeking an Information System Security Officer (ISSO) at the GS-14 level in Washington, DC. The role involves maintaining enterprise system security, managing risk-based controls under the NIST Risk Management Framework, and leading the development...Senior
- Description Tyto Athene is seeking a Sr. Information Systems Security Officer (ISSO), Cloud to support a federal customer on an Information Security program... ...selection, tailoring, and documentation of security controls aligned with system categorizations, Bureau risk...SeniorWork experience placementWork at officeWorldwide
- ...Senior Information Systems Security Officer (ISSO-S) Location: Fort Meade, MD This role requires an ctive Top Secret/SCI... ..., SCAP, STIGs); manage POA&Ms; oversee configuration and change control. Integrate security requirements into the SDLC; maintain SSPs...SeniorImmediate start
Metasys Technologies
Washington DC1 day ago - CGI Njoyn in Washington is seeking a Sr. Information Systems Security Officer (ISSO) to lead security measures for government initiatives. The role involves designing security controls, overseeing regulatory submissions, and assessing information security maturity. Ideal...Senior
- UIC Arctic Response Services, LLC is seeking an Information Systems Security Officer (ISSO Cloud) in Arlington, VA. This role entails managing security controls for DoD cloud migration projects and ensuring compliance with security accreditation. The ideal candidate will...Senior
- ...Insight Global is seeking an ISSO to support a large government customer. This person will work with a team of other ISSOs to verify... ...plans related to RMF delivery • Oversee system categorization and control selection based on NIST SP 800-53 • Conduct gap assessments,...Senior
Insight Global
Washington DC2 days ago - ...Cloud Information Systems Security Officer (Cloud ISSO) – Senior Level CGI Federal is seeking a Senior Cloud Information Systems... ...governance. This role advises system owners and cloud architects on control requirements, risk posture, and cloud-security best practices....SeniorContract work
CGI
Washington DC4 days ago - ...technical, and operations research analysts is skilled in evaluating military problems, identifying the driving factors, devising... ...superiority in the future. We have a future need for a Sr. ISR and Space Control Analyst to support the C4ISR and Space directorates within...SeniorShift work
- ...Authorization (A&A) support to GPO’s Information System Security Officer (ISSO) Develop and maintain RMF documentation, including POA&Ms, ATO... ...and workflows Support GPO in risk analysis, security control implementation, and audit response Coordinate with GPO...SeniorFull timeLocal area
TestPros
Washington DC2 days ago - ...response to cyber incident reports. Experience with industrial Control Systems (ICS), Operational technology (OT), Supervisory Control... ...Cyber Threat Intelligence (GCTI). Peraton is currently hiring Sr Industrial Control System Cyber Threat Intelligence Analyst for...SeniorCurrently hiring
- ...Senior ISSO Supporting Federal Government Agency SiloSmashers is seeking a highly experienced... ...to leverage efficiencies regarding control inheritance, O365 controls, Amazon Web... ...procedures, compliance checklist, source code evaluation and all other required information....SeniorContract workLocal area
Silo Smashers
Washington DC1 day ago $115k - $135k
...innovative team. The Senior Information Systems Security Officer (ISSO) supports complex Federal technology programs and oversees,... ..., renewals, and continuous monitoring Conduct security control assessments and analyze system risks to confidentiality, integrity...SeniorContract workLive inWork at officeRemote workFlexible hoursArc Aspicio
Washington DC1 day ago- Applied Training Solutions is seeking a Lead Exercise and Training Evaluator to oversee the evaluation of training programs and exercises. This role involves managing an evaluation team, analyzing performance, and developing reports while ensuring compliance with HSEEP...Senior
$78.4k - $173.5k
...Information Systems Security Officer (ISSO) - Senior Category: Cyber Security Main... ...configuration management, access control, and data protection. • Collaboration and... ...effective security approach. • Monitoring and Evaluation: They monitor network traffic, system...SeniorFull timeLocal areaCGI Technologies and Solutions, Inc.
Arlington, VA9 hours ago$78.4k - $173.5k
...Permanent Full Time Title Information Systems Security Officer (ISSO) - Senior Location Arlington, Virginia, United States Job... ...information systems, including configuration management, access control, and data protection. Collaborate with various teams, including...SeniorPermanent employmentFull timeLocal area$80k - $120k
...Senior Information System Security Officer (ISSO) SAIC is seeking a Senior Information System Security Officer (ISSO) to support... ...systems. Develop, implement, review, and maintain IT security controls in accordance with NIST SP 800-53, RMF, and agency security policies...SeniorWork at officeRemote work3 days per weekScience Applications International Corporation
Washington DC2 days ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to ISSO / Control Evaluator - Sr. Be the first to apply!
- evaluator Washington DC
- work from home web search evaluator Washington DC
- social media evaluator Washington DC
- senior development executive Washington DC
- senior technical manager Washington DC
- senior communications specialist Washington DC
- senior manager data science Washington DC
- senior platform engineer Washington DC
- senior procurement Washington DC
- senior director product management Washington DC