Based in Northern VA, Axiologic Solutions LLC offers opportunities to join our high-quality team that delivers innovative solutions to key federal clients. We are currently seeking a Junior Information Systems Security Officer to meet customer requirements with excellent customer service and engagement. This position requires the ability to anticipate needs, think critically, and offer professional solutions.
Responsibilities:
- Perform Security Assessment and Authorization (SA&A) activities for assigned systems, ensuring full compliance with Risk Management Framework (RMF) and Security & Privacy Assessment & Authorization (SPAA) Handbook guidance.
- Prepare, update, and maintain security authorization packages for Authorization to Operate (ATO) and Authorization to Test (ATT), including System Security Plans, Configuration Management Plans, Incident Response Plans, Information System Contingency Plans, system narratives, architecture diagrams, and memoranda.
- Manage all system artifacts and documentation, ensuring accuracy, timeliness, and compliance with DOJ templates, with attention to detail.
- Conduct and document annual core controls assessments, vulnerability scans, audit log reviews, Security Impact Analyses (SIAs), and risk decision memoranda with remediation plans.
- Oversee Plan of Action and Milestones (POA&M) development, tracking, and reporting; ensure weaknesses and vulnerabilities are documented and mitigated per DOJ policy.
- Maintain and update security documentation in the Joint Cybersecurity Assessment Management (JCAM) system as needed.
- Ensure ongoing compliance through continuous monitoring, vulnerability remediation, and control validation.
- Support incident response activities, including detection, analysis, reporting, and recovery, coordinating with DOJ stakeholders.
- Assist in preparing and submitting audit and certification reports such as FISMA, FISCAM, OMB A-123, and DOJ data calls.
- Support privacy assessments like IPA, PIA, and SORN in collaboration with the Office of Privacy and Civil Liberties.
- Assist with asset tagging and inventory updates through regular reviews in JCAM.
- Support Business Impact Analyses (BIA) for contingency planning, reviewing at least annually or with system changes.
- Help develop documentation, briefings, and presentations for ATO/ATT milestones.
- Support supply chain risk management by conducting risk assessments and responding to program requests.
- Monitor Ongoing Authorization (OA) triggers, submit eligibility requirements, and provide quarterly briefs on system status and risks.
Required:
- Active Secret clearance with the ability to obtain TS/SCI clearance.
- Minimum of 2 years' experience in Governance, Risk, and Compliance (GRC), RMF, and NIST publications.
- Experience developing, maintaining, and assessing ATO or ATT for low to moderate systems.
- Strong communication, writing, and presentation skills for briefing senior leadership.
- Proficient with security tools like JCAM or equivalent GRC tools, Tenable, BigFix, Splunk or SIEM, and adaptable to other tools used by CSS.