HHS - Lead ISSO/RMF Lead

Location: Worldwide
Type: Remote
cFocus Software seeks a Lead ISSO/RMF Lead to join our program supporting the Department of Health and Human Services (HHS). This position is remote. This position requires the ability to obtain a Public Trust clearance.

Qualifications:


  • Bachelor’s degree in Information Technology, Cybersecurity, or related field.
  • Minimum 8 years of experience in federal RMF / ISSO roles.
  • Expert knowledge of NIST SP 800-37, 800-53, 800-53A, and FISMA.
  • Experience with eGRC tools (e.g., RSA Archer).
  • Strong written and verbal communication skills.

Duties:


  • Provide expert guidance on RMF process execution and improvements.
  • Develop templates, guidance, and documentation to support ISSO teams.
  • Translate complex cybersecurity concepts for non-technical stakeholders.
  • Develop executive briefings, dashboards, and reports.
  • Support Zero Trust Architecture initiatives and supply chain risk management.
  • Serve as the primary security point of contact for assigned systems.
  • Notify HRSA SOC of suspected or confirmed incidents within one hour.
  • Support incident response, remediation, and post-incident documentation.
  • Ensure compliance with FISMA, OMB A-130, HHS, and HRSA policies.
  • Support contingency planning, BIA development, and contingency testing.
  • Lead RMF lifecycle execution for assigned systems following NIST SP 800-37 Rev. 2.
  • Develop, maintain, and update all required FISMA security and privacy artifacts using HRSA eGRC.
  • Prepare and maintain SSPs, SARs, POA&Ms, Continuous Monitoring Plans, and authorization packages.
  • Conduct security categorization (FIPS 199) and ensure appropriate NIST 800-53 baselines are applied.
  • Review, document, and track security findings and vulnerabilities to closure.
  • Develop and manage POA&Ms with appropriate milestones, evidence, and ownership.
  • Prepare Risk-Based Decisions (RBDs) when required and support AO adjudication.
  • Coordinate with System Owners, SMEs, assessors, and DCSP leadership.
  • Maintain acceptable CPIC Dashboard scores for assigned systems.
  • Support ATO, annual assessments, and transition to ongoing authorization.

