HHS - Lead ISSO/RMF Lead jobs in United States

cFocus Software Incorporated · 4 hours ago

HHS - Lead ISSO/RMF Lead

cFocus Software Incorporated is seeking a Lead ISSO/RMF Lead to support the Department of Health and Human Services. The role involves providing expert guidance on RMF processes, developing documentation, and ensuring compliance with federal regulations.

Chatbot, Government, Information Technology, Software
Growth Opportunities
No H1B, Security Clearance Required, U.S. Citizen Only

Responsibilities

Provide expert guidance on RMF process execution and improvements
Develop templates, guidance, and documentation to support ISSO teams
Translate complex cybersecurity concepts for non-technical stakeholders
Develop executive briefings, dashboards, and reports
Support Zero Trust Architecture initiatives and supply chain risk management
Serve as the primary security point of contact for assigned systems
Notify HRSA SOC of suspected or confirmed incidents within one hour
Support incident response, remediation, and post-incident documentation
Ensure compliance with FISMA, OMB A-130, HHS, and HRSA policies
Support contingency planning, BIA development, and contingency testing
Lead RMF lifecycle execution for assigned systems following NIST SP 800-37 Rev. 2
Develop, maintain, and update all required FISMA security and privacy artifacts using HRSA eGRC
Prepare and maintain SSPs, SARs, POA&Ms, Continuous Monitoring Plans, and authorization packages
Conduct security categorization (FIPS 199) and ensure appropriate NIST 800-53 baselines are applied
Review, document, and track security findings and vulnerabilities to closure
Develop and manage POA&Ms with appropriate milestones, evidence, and ownership
Prepare Risk-Based Decisions (RBDs) when required and support AO adjudication
Coordinate with System Owners, SMEs, assessors, and DCSP leadership
Maintain acceptable CPIC Dashboard scores for assigned systems
Support ATO, annual assessments, and transition to ongoing authorization

Qualification

Information Technology, Cybersecurity, NIST SP 800-37, NIST SP 800-53, eGRC tools, FISMA, Communication skills

Required

Bachelor's degree in Information Technology, Cybersecurity, or related field
Minimum 8 years of experience in federal RMF / ISSO roles
Expert knowledge of NIST SP 800-37, 800-53, 800-53A, and FISMA
Experience with eGRC tools (e.g., RSA Archer)
Strong written and verbal communication skills

Company

cFocus Software Incorporated

cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.

Funding

Current Stage
Early Stage

Leadership Team

Manisha Griesinger, MPH, MSc
Program Manager | U.S. EPA Office of the Chief Financial Officer
Company data provided by crunchbase