logo inner

HHS - Sr. ISSO

Companycfocussoftware
LocationWorldwide
TypeRemote
cFocus Software seeks a Sr. ISSO to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.

Qualifications:


  • Bachelor’s degree in Cybersecurity, Information Technology, or related field.
  • Minimum 8–10 years of experience supporting federal RMF and ISSO functions.
  • Expert knowledge of NIST SP 800-37, NIST SP 800-53, NIST SP 800-53A, and FISMA requirements.
  • Hands-on experience supporting ATOs, continuous monitoring, and eGRC tools (e.g., RSA Archer).
  • Experience supporting systems containing PII and moderate/high impact data.
  • Strong written and verbal communication skills.
  • Active CISSP, CAP, CISM, or Security+ (preferred)

Duties:


  • Lead execution of the NIST RMF lifecycle (Categorize, Select, Implement, Assess, Authorize, Monitor) for assigned HRSA systems.
  • Serve as the primary security advisor to System Owners, ISSOs, and program leadership.
  • Develop, review, and maintain RMF artifacts including SSPs, SARs, POA&Ms, Continuous Monitoring Plans, BIAs, and Contingency Plans.
  • Ensure accurate and timely entry of system security data into the HRSA eGRC platform.
  • Manage POA&M development, prioritization, tracking, and closure in coordination with stakeholders.
  • Prepare systems for initial ATOs, annual assessments, and ongoing authorization activities.
  • Support Security Control Assessments (SCAs) and remediate findings in coordination with assessors.
  • Develop Risk-Based Decisions (RBDs) and support Authorizing Official (AO) adjudication.
  • Maintain acceptable CPIC dashboard scores and support corrective actions.
  • Ensure compliance with FISMA, OMB A-130, HHS, and HRSA cybersecurity policies.
  • Support vulnerability management, incident response, and configuration management activities.
  • Provide mentoring and technical guidance to junior ISSOs and RMF analysts.
  • Develop and maintain system security SOPs, workflows, and documentation.
  • Prepare executive briefings, metrics, and reports on system security posture and risk.


Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025