HHS - Sr. ISSO jobs in United States

cFocus Software Incorporated · 18 hours ago

HHS - Sr. ISSO

cFocus Software Incorporated is seeking a Sr. ISSO to support the Department of Health and Human Services (HHS). The role involves leading the execution of the NIST RMF lifecycle for HRSA systems, serving as a primary security advisor, and ensuring compliance with cybersecurity policies.

Chatbot, Government, Information Technology, Software
Growth Opportunities
No H1B
Security Clearance Required

Responsibilities

Lead execution of the NIST RMF lifecycle (Categorize, Select, Implement, Assess, Authorize, Monitor) for assigned HRSA systems
Serve as the primary security advisor to System Owners, ISSOs, and program leadership
Develop, review, and maintain RMF artifacts including SSPs, SARs, POA&Ms, Continuous Monitoring Plans, BIAs, and Contingency Plans
Ensure accurate and timely entry of system security data into the HRSA eGRC platform
Manage POA&M development, prioritization, tracking, and closure in coordination with stakeholders
Prepare systems for initial ATOs, annual assessments, and ongoing authorization activities
Support Security Control Assessments (SCAs) and remediate findings in coordination with assessors
Develop Risk-Based Decisions (RBDs) and support Authorizing Official (AO) adjudication
Maintain acceptable CPIC dashboard scores and support corrective actions
Ensure compliance with FISMA, OMB A-130, HHS, and HRSA cybersecurity policies
Support vulnerability management, incident response, and configuration management activities
Provide mentoring and technical guidance to junior ISSOs and RMF analysts
Develop and maintain system security SOPs, workflows, and documentation
Prepare executive briefings, metrics, and reports on system security posture and risk

Qualification

Cybersecurity, NIST SP 800-37, NIST SP 800-53, Risk Management Framework, CISSP, EGRC tools, Communication skills

Required

Bachelor's degree in Cybersecurity, Information Technology, or related field
Minimum 8–10 years of experience supporting federal RMF and ISSO functions
Expert knowledge of NIST SP 800-37, NIST SP 800-53, NIST SP 800-53A, and FISMA requirements
Hands-on experience supporting ATOs, continuous monitoring, and eGRC tools (e.g., RSA Archer)
Experience supporting systems containing PII and moderate/high impact data
Strong written and verbal communication skills
Ability to obtain a Public Trust clearance

Preferred

Active CISSP, CAP, CISM, or Security+

Company

cFocus Software Incorporated

cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.

Funding

Current Stage
Early Stage

Leadership Team

Manisha Griesinger, MPH, MSc
Program Manager | U.S. EPA Office of the Chief Financial Officer
Company data provided by crunchbase