Senior ATO Subject Matter Expert

Washington, United States | Posted on 05/14/2026

Contract Type: Federal Government Contract (C2C/W2/1099)

Agency: U.S. Department of Justice — Federal Bureau of Prisons (BOP)

Contract: IT Cyber Security Support Services (IT CSSS)

Location: BOP Central Office, 320 First Street NW, Washington, DC 20534 (100% ON-SITE — No Remote Work)

Schedule: Monday–Friday, 0730–1600 EST

Duration: Base Year + Four Option Years

• U.S. CITIZENSHIP REQUIRED — No Exceptions (No Dual Citizens, No Green Cards, No Visa Holders)
• PUBLIC TRUST + SUITABILITY CLEARANCE REQUIRED (active or ability to obtain)
• DRUG TESTING MANDATORY — Urinalysis required at BOP facility
• BACKGROUND INVESTIGATION — Full federal background check including fingerprinting, credit check, criminal history
• Bachelor's degree in Cybersecurity, IT, Computer Science, or related field (Master's preferred)
• Minimum 10 years hands‑on ATO/RMF experience in federal environments
• Minimum 5 years specifically supporting DOJ or federal law enforcement ATO processes

We are seeking a Senior Authorization to Operate (ATO) Subject Matter Expert to serve as Key Personnel on a critical DOJ Federal Bureau of Prisons IT Cyber Security Support Services contract. This role leads all ATO lifecycle activities across BOP's enterprise IT environment, ensuring full compliance with FISMA, NIST Risk Management Framework (RMF), and DOJ‑specific security requirements including JCAM.

• Lead end‑to‑end ATO lifecycle management for all BOP information systems — from categorization through continuous monitoring
• Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms)
• Conduct security control assessments aligned with NIST SP 800-53 Rev 5
• Manage continuous monitoring programs including vulnerability scanning, configuration audits, and automated compliance checks
• Serve as primary liaison between BOP CISO office, system owners, ISSOs, and DOJ authorization officials
• Prepare and present ATO packages to Authorizing Officials (AOs)
• Implement and manage RMF processes per NIST SP 800-37 Rev 2
• Support POA&M remediation tracking and coordinate closure of audit findings within SLA
• Lead compliance for FISMA reporting,
  FedRAMP cloud authorizations, and DOJ JCAM requirements
• Mentor junior security analysts and ISSOs on ATO processes

• NIST SP 800-53 Rev 5 — Security and Privacy Controls
• FISMA Compliance and Reporting
• JCAM (Justice Cybersecurity Architecture and Management)
• FedRAMP — Cloud Security Authorization
• SSP, SAR, POA&M development and management
• Vulnerability scanning tools (Tenable Nessus, Qualys, or equivalent)
• GRC platforms (CSAM, Xacta, eMASS, or equivalent)
• SCAP/STIG compliance and hardening standards

• CISSP (Certified Information Systems Security Professional)
• CAP (Certified Authorization Professional) — Highly Preferred
• CISM, CRISC, Security+ CE
• 100% On-Site at BOP Central Office, Washington, DC 20534
• Monday–Friday, 0730–1600 EST
• Federal law enforcement environment — strict security protocols

Salary Range: $140,000 – $165,000 (W2)

C2C Rate: $90/hr

IMPORTANT: This is a Key Personnel position on a federal contract. Candidates must meet ALL mandatory requirements.

Innosoft Corporation is an Equal Opportunity Employer.