Coalfire

Senior Information System Security Officer – Hybrid

full-time

Location Type: Hybrid

Location: Washington, District of Columbia, United States

About the role

  • Assume the role of ISSO for information systems and third-party services identified as High Value Assets (HVA) by the agency;
  • Perform technical security impact analysis for all changes to the information system;
  • Provide the guidance and oversight necessary to ensure the completeness and accuracy of documentation related to the Primary Responsibility or the Supporting Role assigned to the System Owner, Information Owner or Steward;
  • Ensure the implementation and maintenance of security controls in accordance with the Security Plan (SP) and Peace Corps policies and procedures;
  • Ensure the assigned FISMA systems maintain their ATO through independent security assessment and authorization;
  • Review all deliverables and RMF packages for accuracy;
  • Have oversight responsibility to ensure proper access controls have been implemented and managed;
  • Ensure audit logs are reviewed at an agreed-upon frequency, where the frequency may increase if warranted by incident or situational awareness;
  • Be responsible for conducting assessments of controls for their system to ensure the controls have been implemented properly and are still effective, with the risk posture documented in a system risk assessment report;
  • Ensure documents provided to auditors are what was requested and approved for release;
  • Ensure that new vulnerabilities are evaluated by the respective subject matter expert and corrective action implemented;
  • Collaborate with the ISSE in conducting security impact assessments on changes to their respective FISMA systems;

Requirements

  • Hands-on experience and strong understanding of FISMA, NIST Risk Management Framework and associated special publications (800-37, 800-53, etc.)
  • Management skills
  • Interpersonal skills
  • Communication skills, written and verbal
  • Leadership skills
  • JCAM experience
  • Knowledge of cloud technologies and FedRAMP processes
  • Completed Bachelor’s degree from an accredited university in an IT related field, or equivalent combination of education and experience
  • Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered
  • One or more of the following certifications: CISSP, CISA, or GSLC
  • At minimum 5+ years of hands-on work experience with senior level ISSO duties; performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise databases leading to successful security authorization of such systems.

Benefits

  • Paid parental leave
  • Flexible time off
  • Certification and training reimbursement
  • Digital mental health and wellbeing support memberships
  • Comprehensive insurance options

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
FISMA, NIST Risk Management Framework, security impact analysis, security controls, security assessment, risk assessment, security documentation, security upgrades, cloud technologies, FedRAMP
Soft Skills
management skills, interpersonal skills, communication, leadership skills
Certifications
CISSP, CISA, GSLC