Senior Information System Security Officer (ISSO) jobs in United States

The Amatriot Group · 17 hours ago

Senior Information System Security Officer (ISSO)

The Amatriot Group is seeking a Senior Information System Security Officer (ISSO) to oversee security documentation and maintain the customer network's Authority To Operate (ATO). The role involves ensuring compliance with security standards, managing risk assessments, and coordinating incident response activities.

Responsibilities

Ensure information systems comply with FISMA, NIST RMF (SP 800-37), SP 800-53, and agency-specific security requirements
Maintain and enforce system security policies, procedures, and standards
Support Authority to Operate (ATO) processes, including continuous authorization
Identify, document, and assess system security risks and vulnerabilities
Develop, track, and manage Plans of Action and Milestones (POA&Ms)
Conduct and support periodic risk assessments and security impact analyses
Have experience evaluating STIG compliance
Ensure documentation remains current and reflects system changes
Develop, review, and maintain security artifacts, including:
System Security Plans (SSPs)
Security Assessment Reports (SARs)
Contingency Plans (CPs)
Incident Response Plans (IRPs)
Implement and manage continuous monitoring activities
Review security control effectiveness and coordinate periodic control assessments
Monitor vulnerability scan results and ensure timely remediation
Support detection, analysis, containment, and reporting of security incidents
Coordinate incident response activities with SOCs, ISSMs, and government stakeholders
Ensure incidents are reported in accordance with contract and agency timelines
Review and approve security-relevant system changes
Participate in Change Control Boards (CCBs) to ensure security impacts are assessed
Ensure secure configuration baselines are established and maintained
Ensure proper user access controls, least privilege, and account lifecycle management
Review privileged access and audit logs for suspicious activity
Enforce multi-factor authentication and identity management requirements
Ensure users complete required security awareness and role-based training
Provide system-specific security guidance to administrators and users
Serve as the primary security liaison between the contractor, government ISSM, and system owners
Support audits, inspections, and assessments by government or third-party assessors
Brief leadership on system security posture and risk status

Qualification

Xacta, FISMA controls, Nessus, CISSP, CompTIA Security+, CompTIA Network+, Risk management, Incident response, Security documentation, Access control, Security awareness

Required

Security Clearance: Top Secret w/ CI Polygraph
At least seven (7) years of experience as an ISSO
Expertise with the agency's chosen GRC application (Xacta)
Experience with FISMA controls
Ability to perform periodic vulnerability and SCAP scans utilizing Nessus
Managing and approving all IT security documentation (e.g., System Security Plans, Rules of Behavior, POA&Ms)
Education: Bachelor's Degree or equivalent specialized experience in Information Technology or a degree in an information security related discipline
Certifications: Nessus
Certifications: CompTIA Security+

Preferred

Certifications: Certified Information Systems Security Professional (CISSP)
Certifications: CompTIA Network+

Company

The Amatriot Group

The Amatriot Group (formerly Government Tactical Solutions) is a talent solutions firm built on almost 15 years of experience delivering mission-critical support to the intelligence, defense, and national security sectors of the federal government.

Funding

Current Stage
Growth Stage
Company data provided by crunchbase