Mobomo
Information System Security Officer (ISSO)
Responsibilities:
Serve as the primary point of contact for cybersecurity and authorization compliance for assigned systems.
Develop, maintain, and update required security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
Ensure compliance with NIST SP 800-53 Rev. 5 controls and applicable Department of Commerce cybersecurity policies.
Support all phases of the Risk Management Framework (RMF) and ATO lifecycle.
Coordinate with system stakeholders including developers, system owners, and security assessors.
Perform and interpret vulnerability scans and continuous monitoring activities using tools such as Tenable, CSAM, Splunk, etc.
Track and remediate findings from internal/external audits and security assessments.
Conduct Security Impact Analyses (SIAs) and contribute to risk assessments.
Participate in Change Control Boards, security reviews, and interconnection agreement processes.
Coordinate required cybersecurity training and awareness initiatives.
Support data calls and reporting efforts such as FISMA compliance.

Requirements:
Minimum of 3 years of IT experience, with at least 1 year in an ISSO or equivalent security compliance role.
Bachelor's degree in Information Technology, Cybersecurity, or Business -OR- Associate's degree with 1 year relevant experience and a professional certification -OR- 2 years relevant experience with a professional certification (e.g., Security+, CISSP, CISM).
Strong knowledge of NIST SP 800-53 Rev. 5 controls and the Risk Management Framework (RMF).
Experience with security tools such as Tenable, CSAM, Splunk, Nessus, etc.
Familiarity with federal compliance standards and policies (e.g., FISMA, FedRAMP).
Ability to write clear, concise security documentation and reports.
Experience working with or within federal agencies preferred.