Senior Information Systems Security Officer (ISSO)

Job Description

Company: MDC

Location: Washington, US

Job Summary

Serve as the primary security point of contact for assigned federal systems, maintaining authorization posture, supporting POA&M remediation, coordinating continuous monitoring, and updating security documentation.

Key Responsibilities

· Maintain SSPP/SSP, POA&M, risk assessment, contingency plan, incident response plan, and supporting artifacts.

· Coordinate system-level continuous monitoring, vulnerability remediation, and security status reporting.

· Support ATO package updates after system changes, incidents, or control assessment findings.

· Work with system owners, SCAs, ATO SMEs, and cloud/cyber operations teams.

Required Qualifications

· 7+ years cybersecurity experience.

· 6+ years developing, maintaining, or assessing SA&A/ATO packages for IT systems.

· Strong knowledge of NIST SP 800-37, NIST SP 800-53, FISMA, POA&M lifecycle management, and continuous monitoring.

· Bachelor degree and at least one of: CISSP, CAP/CGRC, CISA, or CRISC.

Preferred Qualifications

· Experience with JCAM or similar federal A&A tool.

· Experience supporting systems with PII, CUI, cloud, or hybrid environments.

Pay: From $80,000.00 per year

Benefits:

• 401(k)

• 401(k) matching

• Dental insurance

• Employee assistance program

• Flexible schedule

• Health insurance

• Life insurance

• Paid time off

• Parental leave

• Professional development assistance

• Retirement plan

• Tuition reimbursement

• Vision insurance

Application Question(s):

• Do you hold at least two of the following certifications: CISSP, CAP/CGRC, CISA, CRISC, CISM, or CGEIT? Please list them.

• What tooks have you used for POA&M and continuous monitoring tracking?

• Do you have 6 or more years developing or maintaining SA&A/ATO packages?

Work Location: Hybrid remote in Washington, DC 20534

Source: Indeed