FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Information Systems Security Officer – Hybrid
CoalfireInformation System Security Officer supporting information systems security for Federal agencies. Maintaining cybersecurity posture and documentation for assigned IT systems in Washington, D.C.
Posted 7/14/2026full-timeWashington, D.C. • District of Columbia, Washington • 🇺🇸 United StatesMid-LevelSeniorWebsite
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Expertise in managing cybersecurity aspects of information systems, including risk management, security assessments, and compliance with NIST standards. Proficient in developing security documentation and conducting continuous monitoring to ensure the integrity and availability of IT systems.
Highest-signal resume keywords
NIST Publications KnowledgeRisk Management Framework (RMF) ExperienceSecurity Assessment and Authorization (A&A) ActivitiesISSO Duties ExperienceCRISC, CISM, or CISSP Certification
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
Security Documentation PreparationSystems Security AssessmentVulnerability ScanningSecurity Control ImplementationSecurity Impact Analysis (SIA)Plan of Action and Milestones (POA&M) ManagementContinuous MonitoringCloud Service Models UnderstandingMobile Security TechnologiesFinancial Applications Security
Soft Skills
Advisory SkillsCommunication SkillsCollaboration SkillsProblem-Solving Skills
Certifications & Qualifications
CRISCCISMCISSP
Industry Keywords
CybersecurityInformation Systems SecurityComplianceRisk ManagementSecurity Control Requirements
Tech Stack
Tools & technologiesCloudCyber Security
About the role
Key responsibilities & impact- Maintain detailed knowledge and expertise required to manage the security aspects of assigned information systems.
- Ensure that the appropriate operational cybersecurity posture is maintained for assigned systems to provide confidentiality, integrity, and availability of information systems.
- For each system assigned to an ISSO, the ISSO will be responsible to complete and keep updated security documentations, such as SIA, SSP, POA&M, Configuration Management Plan, Vulnerability Reports, etc.
- Participate in planning and management of all phases of the Risk Management Framework (RMF) Security Assessment and Authorization (SAA) process.
- Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems.
- In coordination with SO team, develop standard operating procedures in accordance with security control requirements.
- Perform continuous monitoring of implemented security controls to ensure that they are implemented correctly, operating as intended and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems.
- Conduct continuous monitoring activities, to include: Maintenance of current ATO, Conducting periodic system self-assessments, Conducting periodic scans, Conducting log reviews, Ensuring proper sanitization of media prior to disposal.
- Work with technical teams to mitigate security control deficiencies and scan vulnerabilities for assigned IT systems.
- Assess the cybersecurity impact of changes to assigned IT systems and document findings in a security impact analysis (SIA) report.
- Conduct self-assessments of security controls, identify weaknesses and track remediation activities in POA&M.
- Manage the plan of action and milestone (POA&M) process for designated IT systems to provide timely detection, identification and alerting of non-compliance issues.
- In coordination with System Owner staff, create POA&Ms or remediation plans for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Provide the required system access, information, and documentation to security assessment and audit teams.
- Participate in security assessments and audits for assigned systems and facilitate evidence and/or data collection for data requests related to assigned systems.
- Complete required A&A activities on assigned IT systems.
- Brief senior management and ISSM on the security status of assigned authorization boundaries.
- Perform other duties as assigned.
Requirements
What you’ll need- Strong working knowledge and familiarity with NIST publications and privacy frameworks
- Demonstrated understanding of cloud service models, hybrid models, financial applications, and mobile security technologies and tools
- Demonstrated experience supporting an industry risk management tool executing A&A activities
- Completed Bachelor’s degree from an accredited university in an IT related field
- One or more of the following certifications: CRISC, CISM, or CISSP is strongly preferred
- At minimum 5+ years of hands-on work experience with ISSO duties; performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful security authorization of such systems.
Benefits
Comp & perks- Paid parental leave
- Flexible time off
- Certification and training reimbursement
- Digital mental health and wellbeing support memberships
- Comprehensive insurance options