Information System Security Officer (ISSO) - DHS jobs in United States
cer-icon
Apply on Employer Site
company-logo

LMI · 4 months ago

Information System Security Officer (ISSO) - DHS

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level, Lead/Staff
money$120K/yr - $189K/yr
date8+ years exp

LMI is a digital solutions provider focused on enhancing government impact through innovation. They are seeking an Information System Security Officer (ISSO) to manage cybersecurity documentation, advise on system risks, and ensure compliance with DHS policies.

AnalyticsConsultingInformation TechnologyLogisticsManagement ConsultingProfessional Services
check
Comp. & BenefitsbadNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Acquire and manage all necessary documentation/artifacts, including cybersecurity support and resources, to support IT cybersecurity goals and objectives from a risk management perspective
Advise senior management on system risk levels and cybersecurity posture for cloud-based environments
Assist in the deployment, architecture and configuration of security controls of deployed systems with Cloud Architects
Ensure that developed systems and architectures are consistent with all applicable DHS cybersecurity policies and guidelines
Perform Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans for cybersecurity personnel to execute
Provide input on cybersecurity requirements and collect and maintain data needed to meet system cybersecurity compliance reporting
Provide subject matter expertise for Risk Management Framework (RMF) activities and related documentation to support system accreditation / Authority to Operate (ATO) requirements
Interpret noncompliance to determine the impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program
Track audit findings and recommendations to ensure that appropriate mitigation actions are taken
Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs)
Coordinate with geographically-distributed, multi-discipline teams to ensure compliance with all applicable requirements for cybersecurity are addressed
Ensure that plans of action and milestones (POAM) or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. and support necessary remediation/compliance activities
Participate in recurring cybersecurity working group meetings
Oversee and manage A&A activities to support their respective systems and security activities
Work with program ISSOs and ISSMs to effectively aggregate technical details for government leadership including the cybersecurity lead, project managers, program managers to facilitate succinct and effective risk discussions and provide understanding of respective program risks
Provide security support and evaluation to development teams to integrate information assurance/cyber security and remediate vulnerabilities throughout the System Life Cycle Development
Lead the development, review and management of system Assess and Authorize documentation to ensure it is compliant with RMF standards
Develop guidance and assists associates through the RMF phases
Participate in ATT and ATO activities
Support the organization's program that implements information systems security technology and procedures
Review DHS policy and develop local policy and procedures that implement the DHS Cybersecurity subprograms and initiatives
Create and submit Plan of Actions & Milestones (POA&M) for review and approval by the Authorizing Official (AO)

Qualification

SP 800-37 RMFNIST 800.53Security + certificationCybersecurity toolsAWSAzureGoogle CloudCybersecurity requirementsLocal policy developmentRisk management plans

Required

Bachelor's degree in a related field or equivalent experience
8+ years demonstrated SP 800-37 RMF, NIST 800.53 experience
Familiarity with cybersecurity tools such as Aquasec and Sonar Qube
Must possess a Security + certification
Experience developing or ensuring development adheres to cybersecurity requirements and best practices (e.g., NIST controls)
Familiarity with commercial off-the-shelf solutions for specific security capabilities
DHS/CBP background investigation highly preferred

Preferred

Exposure to AWS, Azure and Google Cloud
Host Base Security System (HBSS), Tenable Nessus Vulnerability Assessment, EMASS

Company

LMI

twittertwittertwitter
Glassdoor4.2
company-logo
LMI is a consulting firm dedicated to improving the management of government.
dateFounded in 1961
location
Virginia, Nebraska, USA
people-size1001-5000 employees
web-link
http://www.lmi.org

Funding

Current Stage
Late Stage
Total Funding
$0.25M
Key Investors
Mission Daybreak
2022-09-19Grant· $0.25M
2022-07-12Private Equity
2020-12-21Acquired

Leadership Team

leader-logo
Joshua Wilson
Chief Executive Officer
linkedin

Recent News

Washington Technology
LMI promotes Wilson to chief executive
2025-10-03
PR Newswire
Agile Defense Welcomes Angela Estes as Vice President, Army
2025-10-02
Washington Technology
Tech, growth and operations leadership moves across the market
2025-08-09
Company data provided by crunchbase