logo inner

Sr. ISSO - HHS ESS

Companycfocussoftware
LocationWashington D.c., United States
TypeOnsite
cFocus Software is seeking a highly skilled
Subject Matter Expert (SME) – Security Control Assessor (SCA) to support the Enterprise Security Services (ESS) program. This role is responsible for leading security control assessments, validating system compliance, and ensuring the effectiveness of cybersecurity controls across federal information systems. The successful candidate will provide expert guidance on remediation and risk mitigation while supporting system authorization and reauthorization processes in alignment with the ESS Performance Work Statement (PWS).

Responsibilities


Security Assessment & Validation


  • Serve as the lead assessor for evaluating the implementation and effectiveness of security controls.
  • Conduct security control assessments in alignment with NIST SP 800-53 and the Risk Management Framework (RMF).
  • Perform vulnerability assessments, penetration testing, and risk analysis to validate system security posture.
  • Support preparation of systems for Authorization to Operate (ATO) and Authorization to Connect (ATC).

Documentation & Compliance


  • Develop, review, and validate Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and associated risk documentation.
  • Support the development, maintenance, and tracking of Plans of Action and Milestones (POA&Ms).
  • Ensure assessment activities meet compliance standards and federal cybersecurity requirements.
  • Present assessment findings, risks, and recommendations to senior leadership and government stakeholders.

Expertise & Mentorship


  • Provide subject matter expertise and remediation guidance to system owners, ISSOs, and engineers.
  • Mentor and guide junior assessors and security staff to strengthen organizational capability.
  • Contribute to the adoption of best practices in assessment and authorization processes.

Required Experience


  • 10+ years of cybersecurity experience, including at least 5 years in security assessment roles.
  • Demonstrated expertise with NIST SP 800-53, RMF, FISMA, and other federal cybersecurity frameworks.
  • Proven experience leading security control assessments, audits, and inspections for federal systems.
  • Proficiency with vulnerability management tools, penetration testing, and continuous monitoring.
  • Strong skills in risk management, analysis, and technical writing.

Education & Certifications


  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
  • Relevant advanced cybersecurity certifications (e.g., CISSP, CAP, CISA, CISM, or equivalent).
  • Master’s degree preferred.

Clearance Requirement


  • Active Public Trust clearance required.

Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025