×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Information Security Officer

Job in Baltimore, Anne Arundel County, Maryland, 21276, USA
Listing for: eSimplicity
Full Time position
Listed on 2025-12-27
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly USD 125000.00 150000.00 YEAR
Job Description & How to Apply Below

Information Security Officer

eSimplicity – a modern digital services company that partners with federal agencies to improve the lives and protect the well‑being of all Americans, from veterans and service members to children, families, and seniors.

Job Type

Full‑time

Description

This role is a key member of the security team responsible for managing the security posture of federated systems and ensuring compliance with federal regulations. The Information Security Officer (SO) specializes in continuously monitoring security controls, maintaining Authorization to Operate (ATO) artifacts, and coordinating with product, engineering, and infrastructure groups to remediate risks.

Purpose of Scope

Provide security support services while meeting compliance requirements for systems at various stages of maturity. Facilitate security tool implementation and usage, keep tools compliant, and ensure a successful program ATO. Own communication and visualization of security issues, coordinate responses to inquiries, and act as the primary liaison for security‑related data calls throughout the system development lifecycle.

Responsibilities
  • Work closely with Product Owners, ISSOs, and engineering teams to implement security policies, standards, and procedures.
  • Analyze new or updated security requirements, collaborate with stakeholders, and develop clear responses.
  • Support the review and update of ATO artifacts such as System Security Plans, Contingency Plans, Configuration and Change Management Plans, Incident Response Plans, and Privacy Impact Analyses.
  • Interpret security risk assessments, review scan results, assess vulnerabilities, and support remediation via Plan of Action & Milestones (POA&Ms).
  • Develop implementation and design documentation for security features.
  • Document remediation for vulnerabilities and non‑compliance issues in collaboration with engineering and infrastructure staff.
  • Analyze and interpret agency security requirements and communicate governance to non‑security personnel.
  • Collaborate with stakeholders to support continuous monitoring and ATO efforts.
  • Conduct vulnerability assessments and monitor systems, networks, databases, and web assets for breaches, recommending changes to enhance security.
  • Respond to alerts from security tools, investigate and resolve higher‑level incidents.
  • Manage security tool outages, degradation, tune rules, and maintain dashboards and reporting.
  • Research security trends and emerging attack vectors to preempt breaches and ensure regulatory compliance.
  • Educate users and new employees on security requirements and procedures.
  • Recommend process improvements for risk mitigation.
  • Apply iterative security automation across program aspects to continuously improve posture.
  • Provide audit log reviews in Splunk, present findings to ISSO, and plan remediation activities.
  • Perform periodic user and privileged access reviews.
Requirements
  • 8+ years progressive experience in information security, cybersecurity engineering, or system security roles.
  • Bachelor’s degree in computer science, information systems, engineering, business, or a related discipline.
  • Hands‑on experience supporting large federal security programs, including FISMA environments and CMS ARS 5.0+.
  • Proven ATO ownership—authoring, updating, and defending security artifacts.
  • Strong knowledge of NIST RMF and 800‑53 Rev. 5; ability to translate requirements into technical implementations.
  • Experience managing vulnerability and compliance scanning programs (Tenable, AWS Security Hub, Snyk).
  • Skilled at assessing findings, prioritizing remediation, and driving closure with engineering and Dev Sec Ops  teams.
  • Hands‑on experience securing AWS (IAM, Guard Duty, Cloud Trail, Security Hub) and SaaS platforms.
  • Embedding security into Dev Sec Ops  and CI/CD pipelines, including automated testing and monitoring.
  • Experience with SIAs, access reviews, and least‑privilege enforcement.
  • Configured, operated, and tuned security tools; maintained dashboards and reporting.
  • Operating within Agile/SAFe models, participating in sprint and PI planning and cross‑team coordination.
  • Strong written and verbal communication skills for technical, leadership, and government…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search