SonicJobs Logo
Left arrow iconBack to search

Information Systems Security Officer (ISSO)

Tetrad Digital Integrity LLC
Posted 5 days ago, valid for 20 days
Location

Washington, DC 20544, US

Salary

$110,000 - $135,000 per year

Contract type

Full Time

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Sonic Summary

info
  • Tetrad Digital Integrity (TDI) is a cybersecurity firm focused on high-consequence environments, seeking an Information Systems Security Officer (ISSO) with 5+ years of relevant experience.
  • The ISSO will serve as the primary cybersecurity advisor, lead the Risk Management Framework (RMF) Security Assessment and Authorization process, and develop necessary security documentation.
  • Candidates must hold an active CISSP, CISM, CRISC, or equivalent certification, along with a Bachelor's degree in a related technical field.
  • The position is hybrid, requiring commute to the DC area three times per week, and involves collaboration to enhance the security posture of assigned systems.
  • Salary details are not specified in the job description.
Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. Our single focus has been delivering cyber solutions to effectively manage risk & the business of cyber for 25 years!

TDI is seeking an Information Systems Security Officer (ISSO) to provide expertise needed to align and help mature the organization and technology-specific risk management plans and processes, through the implementation of the Risk Management Framework (RMF).Ā 
Ā 
This position is hybrid with commute to the DC area 3 times per week.
RESPOSIBILITIES:Ā 
  • Serve as the primary cybersecurity advisor to the System Owner (SO), Information Systems Security Manager (ISSM), and Chief Information Security Officer (CISO) on all security matters related to assigned information systems.
  • Lead and support all phases of the Risk Management Framework (RMF) Security Assessment and Authorization (A&A) process, ensuring assigned systems achieve and maintain a compliant Authority to Operate (ATO).
  • Develop, maintain, and update all required RMF security documentation, including System Security Plans (SSPs), Security Impact Analyses (SIAs), Plans of Action and Milestones (POA&Ms), Risk Acceptances, Configuration Management Plans, Supply Chain Risk Management Plans, Interconnection Security Agreements (ISAs), Memorandums of Understanding (MOUs), Information Exchange Agreements (IEAs), vulnerability reports, authorization letters, and other required security artifacts.
  • Perform continuous monitoring activities to verify security controls are implemented correctly, operating effectively, and meeting cybersecurity requirements by conducting security control self-assessments, reviewing vulnerability and compliance scan results, validating system log reviews, and ensuring periodic user account reviews are completed.
  • Assess the cybersecurity impact of system changes, document findings through Security Impact Analyses, and communicate associated risks and recommendations to stakeholders.
  • Identify security control deficiencies, manage the POA&M process, and coordinate remediation efforts with system owners and technical teams to resolve vulnerabilities identified through assessments, audits, inspections, and continuous monitoring activities.
  • Collaborate with engineering, operations, and system owners to strengthen the security posture of assigned systems while ensuring compliance with organizational cybersecurity policies and RMF requirements.
  • Support internal and external security assessments, audits, and authorization activities by providing required system access, documentation, evidence, and technical guidance.
QUALIFICATIONS:
  • U.S. Citizenship is requiredĀ 
  • Active CISSP, CISM, CRISC, or equivalent cybersecurity certification required.
  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related technical field.
  • 5+ years of experience performing security assessments, developing RMF/A&A documentation, and supporting the authorization of enterprise systems, networks, servers, databases, or cloud environments.
  • Working knowledge of NIST Risk Management Framework (RMF), NIST security and privacy publications, and security authorization processes.
  • Experience using Archer or a similar governance, risk, and compliance (GRC) platform to support Assessment and Authorization (A&A) activities.
  • Understanding of cloud service models (IaaS, PaaS, SaaS), hybrid cloud environments, financial applications, and mobile security technologies.
PAY RANGE:
The anticipated salary range for this position is $110,000 - $135,000. This range is a good-faith estimate and not a guarantee of compensation. Final compensation will be based on factors including experience, education, skills, geographic location, internal equity, market data and applicable contract requirements, and may fall outside the posted range.

TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.

ā€œTDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.ā€




Learn more about this Employer on their Career Site

Apply now in a few quick clicks

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.