
Position Details: Information Systems Security Officer (ISSO)

Location: Bethesda, MD
Openings: 1
Salary Range: 140-160



  • Ensure that IT Systems are operated, used, maintained, and disposed of in accordance with internal security policies and practices
  • Determine the baseline IT security requirements for IT Systems, identify system boundaries, determine information categories, and assist with FIPS-199
  • Enforce security policies and safeguards on all personnel having access to the IT System for which the ISSO has responsibility
  • Ensure users and system support personnel have the required authorization and need-to-know; have been indoctrinated; and are familiar with internal security practices before access to the IT System
  • Develop and maintain Plan of Actions and Milestones (POA&Ms) for IT systems
  • Review and monitor system security and audit logs
  • Document system’s risk assessment per client directives and requirements
  • Develop a detailed project schedule, including SA&A/SCA tasks and milestones, task dependencies, and personnel resources
  • Review and generate SA&A and system documentation as needed
  • Update SA&A documentation and artifacts on a regular basis (e.g. annually, after approved change)
  • Conduct SA&A activities and tasks and obtain Authorization to Operate (ATO) in line with NIST and client guidance and directives
  • Develop and document all required artifacts for the SA&A package
  • Select baseline controls for the IT System using RSA Archer and tailor security controls as appropriate
  • Document security control implementation in the system’s Security Plan using the Library’s Information Assurance (IA) tool (RSA Archer)
  • Implement security controls based on IT System FIPS categorization
  • Conduct SCA for IT systems, when required
  • Conduct Contingency Plan Test (CPT) for systems


  • A minimum of five (6) years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field
  • Demonstrated proficiency with developing, maintaining and managing SA&A packages
  • Experience with developing and managing POA&Ms
  • Displays technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities
  • Technical experience with reviewing vulnerability scans and providing mitigation techniques
  • Possess expertise in conducting SCAs
  • Experience writing security-related policies and procedures
  • Possess experience conducting CPTs
  • Experience with conducting audit log reviews
  • Experience with NIST Special Publications and guidance
  • Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment
  • Excellent communication (written and verbal) skills


  • Bachelor’s degree or higher in Computer Science, Information Technology, Information Security, or similar fields



  • At least one (1) active certification relating to information security, such as:
    • Certified Information Systems Security Professional (CISSP)
    • GIAC Security Essentials Certification (GSEC)
    • CEH


  • Eligible for Public Trust
