Information Systems Security Officer (ISSO) - Washington DC
Company: LightFeather
Location: Washington, DC
Posted On: 05/02/2025
LightFeather is seeking a highly skilled Information Systems Security Officer (ISSO) to lead cybersecurity initiatives and ensure compliance with federal security standards. This offers an opportunity to contribute to securing critical information systems in a high-stakes environment. The ISSO will support Risk Management Framework (RMF) processes, vulnerability management, and security authorization activities to maintain system integrity and compliance.

This is a Full Time, Remote Position.

Responsibilities:

Security Compliance & Authorization:
- Develop, maintain, and oversee security authorization packages in accordance with NIST 800-53, Risk Management Framework (RMF), and security policies.
- Support Assessment and Authorization (A&A) activities and ensure continuous adherence to FISMA compliance.
- Ensure Authority to Operate (ATO) status is maintained and updated as required.

Continuous Monitoring & Risk Assessment:
- Perform continuous monitoring, security reviews, and system audits to detect vulnerabilities and ensure compliance.
- Conduct vulnerability scanning and penetration testing using tools such as Tenable Nessus, ACAS, and Qualys.
- Analyze and document security risks, providing mitigation strategies and risk acceptance recommendations.

Security Operations & Incident Response:
- Coordinate with SOC teams to manage security incidents, remediation efforts, and forensic investigations.
- Ensure proper logging, auditing, and SIEM integration for system monitoring and security event correlation.
- Manage and enforce access control policies, including privileged account management and Active Directory security.

Configuration & Change Management:
- Evaluate, approve, and oversee security-related configuration changes, system updates, and patches.
- Ensure security hardening and baseline compliance for Windows, Linux, and cloud-based systems.
- Support endpoint detection and response (EDR) solutions for system integrity.

Policy Development & Stakeholder Collaboration:
- Develop and maintain security policies, SOPs, and technical documentation.
- Engage with system administrators, developers, and project teams to integrate security controls during the Software Development Lifecycle (SDLC).
- Communicate security risks and mitigation strategies to executive leadership and technical teams.

Required Qualifications and Skills:
- US Citizenship.
- Active Top Secret clearance is strongly preferred (Secret clearance holders will be considered).
- Bachelor's degree in Computer Science, Cyber Security, Information Systems, or a related field.
- 5+ years of experience in cybersecurity, information assurance, or security engineering in a federal environment.
- Strong expertise in NIST 800-53, RMF, FISMA, and A&A processes.
- Hands-on experience with security tools such as:
  - eMASS (Enterprise Mission Assurance Support Service)
  - Tenable Nessus, ACAS, Qualys (Vulnerability scanning)
  - Splunk, ELK, ArcSight (SIEM and log analysis)
  - HBSS/ESS, McAfee/Trellix, Cylance, CrowdStrike (Endpoint security)
  - SCCM, WSUS, Ivanti (Patch management)
- Proficiency in system administration and security configuration for:
  - Windows Server, Linux, Active Directory (Group Policy, GPO hardening)
  - Networking protocols, firewalls, IDS/IPS (e.g., Palo Alto, Cisco, Snort, Suricata)
  - Cloud security frameworks (AWS, Azure, FedRAMP compliance)
- Scripting & automation experience (Python, PowerShell, Bash) for security operations.
- Excellent problem-solving, analytical, and communication skills.

Preferred: