SiloSmashers - Arlington, VA

posted 3 days ago

Full-time - Mid Level
Remote - Arlington, VA
Professional, Scientific, and Technical Services

About the position

SiloSmashers is seeking an Information Systems Security Officer (ISSO) to ensure compliance with internal policies, controls, and standards, as well as client and regulatory security requirements. The ISSO will evaluate technological, operational, and process controls, support risk and compliance management, and assist in federal audits. This role is crucial for maintaining security standards and managing risks within the organization.

Responsibilities

  • Ensure compliance with internal policies, controls, and standards, as well as client and regulatory security requirements.
  • Evaluate technological, operational, and process controls to assess the design and implementation of security controls.
  • Support risk and compliance management and reporting, including risk assessments and System Security Plans.
  • Prepare Security Authorization Packages and Security Authorization memorandums.
  • Identify, assess, and prioritize risks, collecting evidence and documenting findings.
  • Report on compliance with internal policies and provide recommendations for remediation of deficiencies.
  • Communicate regularly with stakeholders to provide updates on project status and address issues.
  • Track and report on Plans of Action and Milestones (POAMs).
  • Coordinate third-party risk assessments and IT audits.
  • Manage remediation efforts and report on the status of control deficiencies.
  • Support security initiatives and global policy adherence efforts.
  • Provide security expertise to business units and key stakeholders.

Requirements

  • BS/BA in Computer Science, Information Systems, Software Engineering, or related field.
  • CISSP or CGRC certifications highly preferred.
  • 4+ years of experience in IT security, including SA&A and/or IT security risk analysis, preferably in the Federal Government.
  • Knowledge of Federal Government SA&A practices and policies, particularly FISMA, RMF, and NIST Special Publications 800 series.
  • 3+ years of experience with FedRAMP systems (Azure, AWS, GCP).
  • Ability to work independently and collaborate with application developers and engineers.
  • Effective written and oral communication skills.

Nice-to-haves

  • Previous Federal Government experience is a plus.
  • Experience with a GRC Tool (CSAM) is highly desirable.

Benefits

  • 100% remote work with occasional on-site visits as needed.