Sr. Information Systems Security Officer (ISSO)

CGS Federal is seeking an experienced Information Systems Security Officer (ISSO) with expertise in DIACAP and/or RMF, focusing on security assessment documentation to support Department of Commerce systems and achieve their Authorization to Operate (ATO). The position is located at the Herbert Hoover building in Washington, DC, and involves full lifecycle Assessment and Authorization (A&A) management through all 6 steps of the RMF process, supporting the Government ISSM.

The role includes conducting security assessments and oversight activities in accordance with NIST 800.53, from the perspective of RMF requirements.

CGS offers a collaborative environment that encourages professional growth through various learning opportunities, aiming to solve dynamic government problems with innovative technology.

• Review systems for potential security weaknesses and recommend improvements
• Manage cybersecurity risk at an organizational level
• Identify, prioritize, and document risks for senior leadership
• Provide security guidance using NIST RMF, DoC policies, and local security policies
• Recommend configuration management for security software, hardware, and firmware, coordinating changes with relevant officials
• Maintain compliance with vulnerability scanning tools like HBSS or ACAS and patch management systems like IAVM
• Support security authorization activities, including transitioning from DIACAP to RMF
• Provide expertise in cybersecurity and trusted system technology
• Research, write, review, and finalize security assessments, policies, and reports
• Conduct risk assessments and provide mitigation strategies

• Bachelor’s Degree
• At least 5 years of experience in roles such as IA Analyst, ISSE, ISSO, with experience in ATO package development
• Experience with eMASS
• Professional security certifications such as CCNA Security, CySA+, GICSP, GSEC, Security+, SSCP or higher
• Strong skills in Microsoft Word and Excel
• Ability to multi-task in a deadline-driven environment

• CISSP, CASP, or similar certification
• Master’s Degree in Cybersecurity or related field
• Strong organizational and analytical skills
• Ability to work independently and in teams
• High work ethic and commitment to quality

CGS is committed to fostering an inclusive environment and is an Equal Opportunity Employer. Benefits include health, dental, vision, life insurance, 401k, FSA, paid time off, and holidays.