Jobs · Information Technology · Virginia

Senior Information System Security Officer

Core One · McLean, VA · 2 mo ago
Information TechnologyFull-time

Key Responsibilities

  • Lead and execute activities across all RMF phases (Prepare, Categorize, Select, Implement, Assess, Authorize, Monitor).
  • Develop, review, and maintain accreditation artifacts including System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessments, and POA&Ms.
  • Monitor compliance with NIST 800-53, 800-171, ICD 503, FedRAMP, FISMA, and agency-specific policies. Prepare for and support audits, inspections, and assessments.
  • Conduct vulnerability scanning, compliance checks, risk assessments, and remediation tracking using tools such as Nessus or Tenable.sc.
  • Create and maintain security documentation, continuous monitoring strategies, incident response plans, and compliance reports. Provide briefings and status updates to leadership and Authorizing Officials.
  • Collaborate with system owners, engineers, and developers to ensure security is integrated into design, development, and operations.
  • Support investigation, response, and remediation of security incidents.
  • Manage account recertifications, access reviews, and deliver security awareness training at the system level.
  • Serve as the primary cybersecurity point of contact for assigned systems, ensuring clear communication with internal and external stakeholders.

Required Qualifications

  • Bachelor’s Degree, or more advanced degree, in Information Technology, Computer Science, Cybersecurity, Computer Engineering, or Information Systems or related field
  • 5+ years of cumulative experience spanning IT systems administration, cybersecurity compliance, IT system troubleshooting, and incident response
  • 6+ years of experience in a role such as Information Systems Security Engineer (ISSE), accrediting Sponsor programs
  • Experience with completing new system(s) authorization and accreditation through the Sponsor’s Authorization and Accreditation (A&A) processes, procedures, security requirements, and systems (e.g. Greenlight)
  • Experience using the Sponsor’s A&A process to accredit systems built on C2E or C2S Amazon Web Services
  • Experience in security policy, counterintelligence, and security controls
  • TS/SCI w/ Poly Clearance

Desired Qualifications

  • Certified in AWS or equivalent cloud technology
  • Security+, Certified Information System Security (CISSP), Certified Information Security (CISM), or equivalent

Similar jobs