Sr. Information Systems Security Officer (ISSO)

CGS Federal (Contact Government Services) is seeking an experienced Information Systems Security Officer (ISSO) with expertise in DIACAP and/or RMF to support Department of Commerce systems in achieving Authorization to Operate (ATO). This full-time position is located at the Herbert Hoover building in Washington, DC, and involves managing the full lifecycle of Assessment and Authorization (A&A) activities in accordance with NIST 800.53 and RMF requirements.

The role includes conducting security assessments, overseeing information system security activities, and supporting security authorization processes, including transitioning from DIACAP to RMF compliance. The ideal candidate will have at least five years of experience in security documentation, security assessment, and compliance, along with relevant certifications such as CCNA Security, CySA+, GICSP, GSEC, or Security+ CE.

Key responsibilities include:

1. Reviewing systems for security weaknesses and recommending improvements.
2. Managing cybersecurity risks and maintaining risk registries.
3. Providing security guidance based on NIST RMF, DoC policies, and local security standards.
4. Supporting vulnerability scanning and patch management activities.
5. Assisting with security authorization activities and policy development.
6. Researching and preparing risk assessment reports and mitigation strategies.

Qualifications include a Bachelor's Degree, extensive experience in security assessment and documentation, eMASS experience, and professional security certifications. Preferred qualifications include a Master’s Degree in Cybersecurity and certifications like CISSP or CASP.

CGS offers a comprehensive benefits package, a collaborative work environment, and opportunities for professional growth. We are an Equal Opportunity Employer committed to diversity and inclusion.