Senior ISSO

TL;DR

Senior ISSO (Cybersecurity): Assess, review, update, and develop security authorization documentation for federal IT systems with an accent on NIST RMF, FISMA compliance, and customer requirements. Focus on supporting ISSOs with POA&M maintenance, risk management, and working with security tools like NESSUS and Splunk.

Location: Arlington, Virginia, United States. Attend customer meetings in person unless otherwise noted. Ability to attain DHS SECRET security clearance required.

Company

hirify.global, a Tetra Tech Company, provides innovative cyber, technology, and business solutions to the public sector, leveraging AI, RPA, DevSecOps, and cloud transformation.

What you will do

• Assess, review, update, and develop security authorization and accreditation documentation consistent with laws, regulations, and best practices.
• Work with Federal customers to develop security-related documentation reflecting IT system security posture.
• Prepare security documentation and reports to support customer engagements.
• Support ISSOs with enterprise security, risk management, and POA&M maintenance in RMFP.
• Work with Engineers and System Administrators to document data flows, system architecture, and diagrams.
• Use security tools including NESSUS, AppDetective, Web Inspect, AppScan.
• Provide administrative support like status reporting, meeting minutes, and attend customer meetings.

Requirements

• 8 years IT cybersecurity experience including US Government support and 4 years as ISSO, assessor, or compliance analyst OR Bachelor's in IT/CS/Engineering + 5 years experience + 4 years ISSO role.
• One certification: CAP, CGRC, CISSP, CISM, CISSO or equivalent.
• Demonstrated knowledge of NIST Guidelines, FISMA, and all phases of NIST RMF.
• Experience with cybersecurity tools like Archer, Nessus, Splunk.
• Effective communication with technical, non-technical, and executive customers.
• Ability to attain DHS SECRET clearance.
• In-depth knowledge of IT security laws for Federal agencies.

Nice to have

• Technical background in Network Engineering, Systems Administration, Application Development.
• Hands-on experience with NESSUS, AppDetective, Web Inspect, AppScan.
• Strong written/oral communication, adaptability, proactive workstyle, task prioritization.

Culture & Benefits

• Competitive compensation, Health and Wellness programs, Income Protection, Paid Leave, Retirement.
• PTO, paid holidays, corporate events, continuing education reimbursements, 401K, ESPP.
• Culture encouraging out-of-the-box thinking, collaboration, and excellence.