Sr. ISSO - HHS ESS

Job Description: Senior Information Systems Security Officer (Sr. ISSO)

Key Responsibilities

• Oversee the implementation and enforcement of system security requirements as defined by the PWS.
• Support and maintain system security plans (SSPs), risk assessments, and authorization documentation.
• Ensure compliance with federal cybersecurity requirements, including NIST RMF, FISMA, and FedRAMP.
• Lead security control assessments and support continuous monitoring activities.
• Conduct vulnerability assessments, risk analyses, and provide recommendations for remediation.
• Develop and deliver security documentation, reports, and briefings to leadership and stakeholders.
• Ensure timely and accurate reporting of cybersecurity posture, incidents, and risks.
• Collaborate with system owners, administrators, and engineers to maintain secure configurations.
• Support audits, inspections, and authorization processes (ATO/ATC).
• Mentor and provide guidance to junior ISSOs and cybersecurity staff.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
• Active Public Trust Clearance
• Minimum of 10+ years of cybersecurity experience, with at least 4 years as an ISSO in a federal environment.
• Strong knowledge of NIST SP 800-53, Risk Management Framework (RMF), and federal cybersecurity policies.
• Experience developing and maintaining security documentation (SSPs, SARs, POA&Ms, etc.).
• Proficiency in vulnerability management, incident response, and continuous monitoring practices.
• Excellent written and verbal communication skills, with experience briefing senior leadership.
• Relevant cybersecurity certifications (e.g., CISSP, CISM, CISA, CAP, or equivalent).

Preferred Qualifications

• Master’s degree in Cybersecurity, Information Assurance, or related field.
• Experience with large-scale federal enterprise systems and cloud environments.
• Knowledge of Zero Trust architecture and emerging cybersecurity technologies.