
Senior Information Security and Privacy Officer

Job in Washington, District of Columbia, 20022, USA
Listing for: Tyto Athene
Full Time position
Listed on 2026-01-02
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security

Description

Tyto Athene is hiring a Senior Information Security and Privacy Officer (ISPO) to support a law enforcement customer in Washington, DC. The successful candidate will ensure information systems meet security requirements and will lead and support ongoing privacy-related activities, including the development, implementation, maintenance, and enforcement of federal and organizational policies and procedures governing the protection of Personally Identifiable Information (PII) and other sensitive data.

The ISPO will bring strong knowledge of federal privacy laws and regulations and will support the program’s compliance with federally mandated privacy requirements, policies, and procedures.

Responsibilities
  • Lead and support information system security responsibilities utilizing the Risk Management Framework (RMF) lifecycle, including system Authorization to Operate (ATO) and continuous monitoring, while ensuring privacy and legal requirements are fully integrated.

  • Develop, update, and maintain security authorization packages in accordance with client requirements and NIST SP 800-53, including System Security Plans (SSPs), Risk Assessment Reports (RARs), Security Assessment Plans and Reports (SAP/SAR), Contingency Plans, Incident Response Plans, Standard Operating Procedures (SOPs), Plans of Action and Milestones (POA&Ms), Remediation Plans, Configuration Management Plans, Security Impact Assessments, and related artifacts.

  • Maintain, manage, and support POA&Ms and remediation activities, including validation of corrective actions and participation in the continuous monitoring process.

  • Perform security and privacy risk analyses and technical assessments to identify weaknesses, deficiencies, and gaps, and recommend cost-effective and compliant safeguards.

  • Provide continuous monitoring oversight, including review of vulnerability scan results for applications, networks, and databases, ensuring findings are addressed in accordance with security and privacy policies.

  • Maintain an inventory of hardware and software within the system security boundary and coordinate with system owners, records management, and enterprise architecture stakeholders.

  • Develop, coordinate, test, and train on Contingency Plans and Incident Response Plans, and support incident response and continuity activities.

  • Conduct and oversee Privacy Threshold Analyses (PTAs) and Privacy Impact Assessments (PIAs), and remain current with evolving OMB policies, NIST guidance, and federal privacy laws.

  • Apply and interpret law enforcement and federal privacy requirements, including Criminal Justice Information Services (CJIS) Security and Privacy Policy, and support compliance within a Legislative Branch environment.

  • Support High Value Asset (HVA) identification and categorization using privacy, legal, and risk-based frameworks.

  • Develop, update, and maintain privacy directives, policies, and SOPs, including translating approved privacy policy into actionable operational procedures.

  • Integrate privacy-by-design principles into the System Development Life Cycle (SDLC), ensuring privacy requirements are addressed throughout system planning, development, testing, deployment, and maintenance.

  • Review, update, and deliver enterprise privacy training programs, including privacy awareness, advanced privacy training, records management, data collection practices, and role-based training models tailored to Legislative Branch versus DoD applicability.

  • Coordinate with internal and external stakeholders to complete mandatory agency data calls, audits, and reporting requirements in a timely manner.

Required Qualifications
  • 8+ years of professional experience with at least 5 years supporting ISSO RMF activities.
  • Bachelor’s Degree or 4 years of additional experience in lieu of a degree.
  • Knowledge of and proficiency in federal government privacy programs, with working knowledge of privacy laws and regulations and their relationship to the Privacy Act of 1974 and the E-Government Act of 2002.
  • A demonstrated understanding of information privacy, including information access, the release of information, and implementation of control technologies as they apply to privacy…
Position Requirements
10+ Years work experience