More jobs:
Senior Information System Security Officer; ISSO
Job in
Washington, District of Columbia, 20022, USA
Listed on 2026-05-22
Listing for:
SAIC
Full Time, Part Time
position Listed on 2026-05-22
Job specializations:
-
IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
Job
Location: Washington, DC, US
Date Posted:
Category: Cyber
Subcategory: Cyber GRC
Schedule: Full-Time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work:
Description
SAIC is seeking a Senior Information System Security Officer (ISSO) to support a critical U.S. government agency in the National Capital Region. This role reports to the Security Program Management Office (SPMO) Manager and works directly with the Lead ISSO to support authorization, compliance, continuous monitoring, and risk management activities across assigned systems.
This is an excellent opportunity for an experienced cybersecurity professional to contribute to the secure authorization and ongoing compliance of systems across both on-premise and cloud environments. The Senior ISSO will collaborate with federal ISSOs, system owners, engineers, and governance teams to maintain the confidentiality, integrity, and availability of government systems while supporting day-to-day Governance, Risk, and Compliance (GRC) operations.
ONSITE 3 days a week / 2 days remote
Responsibilities:
- Support system security authorization and continuous monitoring activities for assigned systems.
- Develop, implement, review, and maintain IT security controls in accordance with NIST SP 800-53, RMF, and agency security policies.
- Support the preparation, review, and submission of Security Authorization packages, including SSPs, SARs, POA&Ms, SIAs, and related authorization artifacts.
- Coordinate and prepare systems for Security Control Assessments (SCAs), ensuring documentation, evidence, and artifacts are accurate and complete.
- Conduct and document Security Impact Analyses (SIAs) for changes to hardware, software, cloud infrastructure, or connectivity.
- Participate in configuration and change control processes to ensure secure baselines are maintained and accurately reflected in system documentation.
- Assist in system categorization activities and validation of asset inventories to ensure appropriate control baselines are applied.
- Assess security control implementation effectiveness and identify deficiencies requiring remediation or risk acceptance.
- Support Risk Acceptance activities, POA&M tracking, remediation coordination, and audit response efforts.
- Support continuous monitoring activities by reviewing system changes, compliance evidence, and authorization-related activities to maintain ongoing compliance.
- Coordinate with system owners, engineers, and security stakeholders to support remediation and compliance activities.
- Participate in governance activities including standards reviews, exception handling, control updates, and policy compliance activities.
- Contribute to development and maintenance of security policies, procedures, technical documentation, status reports, dashboards, and risk briefings.
- Support maintenance of reporting artifacts, compliance metrics, workflow tracking, and collaboration sites using SharePoint, Power
BI, and related tools. - Support the Lead ISSO in execution of operational, compliance, and stakeholder coordination activities.
- Ensure assigned activities align with NIST RMF, NIST SP 800-53, FISMA, and agency cybersecurity requirements.
Requirements:
- Bachelor's degree and 5+ years of experience in cybersecurity, RMF, compliance, ISSO, or systems security engineering roles, or Master's degree with 3+ years of experience.
- Ability to obtain and maintain a public trust requiring U.S. Citizenship or .
- Hands-on experience supporting or implementing security controls in enterprise or federal IT environments.
- Experience supporting authorization activities including SSP development, POA&M management, SIAs, continuous monitoring, and assessment support.
- Working knowledge of NIST RMF, NIST SP 800-53, FISMA, and federal cybersecurity policies and processes.
- Familiarity with cloud and hybrid environments including AWS, Azure, or Google Cloud Platform.
- Familiarity with enterprise technologies such as Microsoft 365, Azure AD, Cisco, and Oracle environments.
- Working knowledge of network and system security concepts including encryption, secure baselining, identity management, and OS hardening.
- Experience supporting Security Control Assessments (SCAs), audits, or compliance reviews.
- Experience with GRC and SA&A tools such as Archer, eMASS, JCAM/CSAM, Xacta, or similar platforms.
- Familiarity with SharePoint and Power
BI for documentation management, reporting, workflow tracking, and metrics activities. - Strong documentation, analytical, organizational, and communication skills, including the ability to communicate technical issues to non-technical stakeholders.
- Ability to work independently and manage assigned tasks with limited oversight.
- Proficient in Microsoft Office (Word, Excel, PowerPoint, SharePoint).
- Security+, CAP, CISSP, CISM, or similar cybersecurity certification.
- Experience supporting federal systems, ATO processes, or government compliance programs.
- Familiarity…
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×