Federal Information System Security Officer (ISSO)
Exiger · McLean, VA · 2 wk ago
HybridInformation TechnologyFull-time
Role Summary
Exiger is seeking a mission-driven Federal Information System Security Officer (ISSO) to support the security, accreditation, and regulatory compliance efforts for our U.S. Public Sector business. This role will play a critical part in executing federal security programs, enabling government authorizations, and ensuring secure cloud architecture across civilian and defense environments. This is a hands-on role focused on driving operational excellence across federal compliance programs while supporting Exiger’s continued growth within the federal marketplace.
What You’ll Do
- Support the execution of Exiger’s federal information security and authorization strategy across civilian and defense environments
- Lead day-to-day activities associated with federal accreditation programs, including FedRAMP High, DoD CC SRG IL5/IL6, and agency-specific Authority to Operate (ATO) initiatives
- Develop, maintain, and update System Security Plans (SSPs), POA&Ms, and supporting documentation for federal compliance frameworks
- Ensure continuous monitoring, audit readiness, and regulatory reporting across all in-scope systems
- Build and maintain customer-ready security documentation and assurance packages to support federal procurement and oversight
- Partner with engineering, cloud infrastructure, and product teams to ensure security controls are properly implemented and maintained within system architectures
- Translate federal cybersecurity requirements (NIST, FISMA, CMMC, RMF) into actionable system-level controls and implementation guidance
- Coverage with Authorizing Officials (AOs), agency security teams, and third-party assessment organizations (3PAOs) during authorization and audit processes
- Support automation efforts for compliance evidence collection, reporting, and risk management tracking
- Assist in security briefings and documentation to support federal customer engagements and delivery
What You Need
- 5–10+ years of experience in federal cybersecurity, information assurance, or cloud compliance roles (ISSO, ISSE, or equivalent)
- Hands-on experience supporting ATO processes within federal environments, including RMF lifecycle activities
- Familiarity with FedRAMP and/or DoD IL5/IL6 requirements in cloud or SaaS environments
- Strong working knowledge of federal security frameworks including NIST 800-53, NIST 800-171, FISMA, and CMMC
- Experience developing and maintaining SSPs, POA&Ms, and other accreditation artifacts
- Experience working in AWS GovCloud, Azure Government, or similar regulated cloud environments
- Understanding of cloud security principles including identity and access management, encryption, vulnerability management, and logging/monitoring
- Ability to work cross-functionally with engineering, product, and compliance teams to implement and maintain security controls
- Strong organizational and communication skills, with the ability to manage multiple systems or programs simultaneously
- Active or ability to obtain and maintain a U.S. security clearance