Information System Security Officer (Cybersecurity)
Job description
TL;DR
Information System Security Officer (Cybersecurity): Maintaining the operational security posture of federal information systems for the U.S. Department of Transportation, with an emphasis on the Risk Management Framework (RMF) and federal compliance. Focus on managing security authorization packages, performing Security Impact Analyses, and remediating vulnerabilities to ensure continuous authorization.
Location: Cambridge, MA (Volpe Center) or Remote. Active Top Secret/SCI Eligible clearance required.
Company
provides advanced technical expertise and cybersecurity support to the U.S. Department of Transportation (DOT).
What you will do
- Maintain operational security posture for assigned information systems and programs.
- Develop and update system security documentation, including System Security Plans (SSPs) and authorization artifacts.
- Manage day-to-day security operations, including user accounts and access controls.
- Perform Security Impact Analyses (SIAs) and coordinate security-related system changes.
- Track and remediate security findings and Plan of Action & Milestones (POA&M) items.
- Coordinate with ISSMs, System Owners, and Authorizing Officials to support ATO packages and annual reviews.
Requirements
- Bachelor's degree in Cybersecurity, IT, Computer Science, or a related field.
- 5+ years of information security experience supporting federal information systems.
- Strong understanding of the NIST Risk Management Framework (RMF) and NIST SP 800-53.
- Experience supporting Authority to Operate (ATO) processes and continuous monitoring.
- Active Top Secret/SCI Eligible clearance.
- Excellent written and verbal communication skills.
Nice to have
- Experience supporting U.S. Department of Transportation (DOT) programs.
- Proficiency with Xacta or similar GRC tools.
- Knowledge of FISMA, FedRAMP, and DHS cybersecurity guidance.
- Certifications such as Security+ CE, CISSP, CAP, or CISM.
- Experience with cloud environments (AWS, Azure, or GovCloud).