Information Systems Security Officer (ISSO)

Responsibilities:

• Develop, implement, and maintain security policies, procedures, and controls in accordance with organizational and regulatory requirements
• Conduct risk assessments and vulnerability analyses to identify and mitigate potential security threats
• Oversee the security of information systems, ensuring compliance with NIST, FISMA, RMF, and other relevant frameworks
• Facilitate the application through the Risk Management Framework (RMF) process to achieve Authorization to Operate (ATO)
• Collaborate with system owners, administrators, and other stakeholders to ensure security requirements are integrated into the system development lifecycle
• Develop and maintain System Security Plans (SSPs), Risk Assessment Reports (RARs), System Boundary Diagrams, Systems Architecture Diagrams, and other security documentation
• Conduct security assessments and audits to ensure the effectiveness of security controls and compliance with established policies
• Manage and deliver system accreditation packages and ensure the effectiveness of security controls through regular audits
• Perform various ad hoc Project Management Office (PMO) related activities such as preparing, reviewing, updating, revising, and maintaining the project timeline, risk assessment, technical documents, deliverables, and other program-related documents at the direction of the contractor PM and GPM