Overview
Information System Security Officer/ISSO Jobs in Virginia, Minnesota, USA at Chenega Corporation
Title: Information System Security Officer/ISSO
Company: Chenega Corporation
Location: Virginia, Minnesota, USA
Type: Full Time
Category: Security, IT/Tech
Position: Information System Security Officer (ISSO)
Information System Security Officer (ISSO)
Remote
We deliver essential technology services to our customers in support of their missions to sustain the national security and economic interests of our nation. Securi Gence is seeking an Information System Security Officer (ISSO) to support the Health and Human Services Administration for Community Living Enterprise IT Services Program.
The Information System Security Officer (ISSO) will be responsible for ensuring the security and compliance of the HHS ACL EITS systems. The ISSO will work closely with the program team to manage and maintain the security posture of information systems, ensuring compliance with federal guidelines such as FISMA, NIST, and other regulatory frameworks. The ISSO will be instrumental in identifying security risks, implementing mitigation strategies, and performing continuous monitoring to maintain a secure operational environment.
Responsibilities
Ensure that all HHS ACL EITS systems are in compliance with federal security standards, including FISMA, NIST 800-53, and other relevant federal regulations.
Manage the development, review, and approval of security authorization packages in accordance with the Risk Management Framework (RMF).
Conduct regular security risk assessments and develop risk mitigation strategies.
Oversee and document the development and implementation of security measures across systems.
Track and manage system vulnerabilities and security risks using tools such as vulnerability scanners and other monitoring tools.
Develop, update, and maintain System Security Plans (SSPs).
Lead efforts in continuous monitoring of information systems, ensuring that security controls are operating effectively and adjusting as necessary based on findings from audits or assessments.
Lead the incident response efforts for any security breaches or incidents within the program.
Report security incidents in a timely manner to stakeholders and provide recommendations for resolving the issues.
Work closely with Authorizing Officials (AOs) to ensure that all systems within the program are properly accredited and authorized to operate.
Ensure the security authorization process follows NIST RMF requirements, including developing security documentation, performing security testing, and ensuring corrective actions are implemented.
Develop and deliver security training and awareness programs for staff to ensure compliance with security protocols and federal guidelines.
Work with the program’s stakeholders to communicate security requirements and foster a security-conscious culture.
Other duties as assigned.
Qualifications
Bachelor’s degree in Information Technology, Cybersecurity, or additional experience in lieu of degree.
Minimum of 5 years of experience in cybersecurity, information assurance, or a related field, preferably within a federal environment.
Certified Information Systems Security Professional (CISSP), or equivalent experience and knowledge commensurate with certification requirements.
Public Trust BI is required.
Knowledge,
Skills and Abilities
:
Certified Information Security Manager (CISM) preferred.
Certified Information Systems Auditor (CISA) preferred.
Proven experience with FISMA, NIST RMF, and FedRAMP controls.
Strong understanding of security frameworks (NIST, FISMA, etc.).
Proficient with security tools, such as vulnerability scanners, security incident event management (SIEM) systems, and intrusion detection systems (IDS).
#J-18808-Ljbffr
