Senior Information System Security Officer (TS SCI)
Role Overview
We are seeking a Senior Information System Security Officer to support a federal government client. This role involves leading efforts to remediate and stabilize a security environment that has been neglected. The primary goals are to clean up existing security and compliance issues and increase automation.
Key Responsibilities
- Lead the Risk Management Framework (RMF) lifecycle and the development of Authority to Operate (ATO) packages from start to finish.
- Manage and oversee Plans of Action and Milestones (POA&M), vulnerability remediation, and continuous monitoring activities.
- Provide hands-on support for incident response, threat assessments, and investigations.
- Develop and maintain System Security Plans (SSPs), Configuration Management Plans, Contingency Plans, and Incident Response Plans.
- Conduct risk assessments, annual security assessments, and vulnerability assessments.
- Lead security audits, accreditation efforts, and compliance reviews to ensure adherence to federal standards.
- Support the integration of security throughout the System Development Life Cycle (SELC) by working with development teams.
- Perform security architecture reviews and contribute to the design of secure solutions.
- Brief leadership on security posture and mentor junior ISSO staff.
Required Qualifications
- Education and Experience: Bachelor's degree with 10 years of experience, OR Associate's degree with 13 years of experience, OR 16 years of experience with no degree.
- Technical Skills and Certifications: Must hold one of the following: Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), or CompTIA Advanced Security Practitioner (CASP+).
- Deep expertise in FISMA, NIST, and DHS 4300A compliance frameworks.
- Experience with GRC tools such as Xacta IA Manager and/or CSAM.
- U.S. Citizenship is required for this position.
- Experience supporting federal systems in a hands-on and leadership capacity.
Preferred Qualifications
- Previous DHS or DoD experience.
- Experience with Supply Chain Risk Management.
- Experience with GRC tools such as RegScale or eMASS.
- Knowledge of Intelligence Community directives.
- Experience supporting emergency operations or disaster response missions.
- Strong communication skills for presenting to senior leadership.
Benefits
- Medical, dental, vision, life, disability, and other insurance plans.
- ESPP (employee stock purchase program).
- 401K program with company match.
- HSA (Health Savings Account on the HDHP plan).
- SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions.
- Corporate discount savings program and other discounts.
- On-demand training program, certification prep, and access to technical and leadership courses/books/seminars.
- Certification discounts and other perks to associations like CompTIA and IIBA.
- Dedicated customer service team for questions about benefits and other resources.
- Certified Career Coach.
About Everforth Apex
Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRateds Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico. Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details.