top of page

Senior Information Systems Security Officer (ISSO) - Full-Time Onsite Position



Direct Report to Program Manager


Job Description


Our organization is seeking an experienced Senior Information Systems Security Officer (ISSO) to

help protect our client’s data from unauthorized access. We are a woman-owned small business

(WOSB) located in Chantilly, VA. This role is onsite (at the client’s site) in Scottsdale, AZ. This is a

risk management role that involves mitigating the effects of security breaches. In this role, you will

develop, implement, and test information security measures. In addition to protecting our IT infrastructure

through security updates and firewalls, you will monitor employee access to our networks and databases,

ensuring that employees have the proper level of clearance and are compliant with our security measures.

Our ideal candidate is a CISSP, or CISM with 5-10 years of experience in information technology or

cybersecurity.


This also will include physical and environmental protection, personnel security, incident handling, and

security training and awareness. It will be required to work in close coordination with the ISSM and ISO

in monitoring the information system(s) and its environment of operation including developing and

updating the authorization documentation and implementing configuration management across authorization

boundaries. This will include assessing the security impact of those changes and making

recommendations to the ISSM.


Primary Responsibilities

  • Work in close collaboration with the Information System Security Manager (ISSM), the Chief Information Security Officer (CISO) staff, and the Information System Owner (ISO)

  • Create and maintain existing information system security documentation, including SSP, SCTM, and Risk Management Framework (RMF) Body of Evidence

  • Ensure the appropriate operational security posture is maintained for assigned information systems

  • Prepare system documentation for assessment in accordance with RMF and NIST Special Publications (800-37, 800-53 and others); identify deficiencies and provide recommendations for solutions; track findings with Plan of Action and Milestones (POA&M) through mitigation and/or risk acceptance

  • Conduct periodic and continuous monitoring of the system to ensure compliance with the authorization package

  • Work with the cybersecurity team to perform basic system administration and maintain various cybersecurity tools, including audit collection and reporting systems, vulnerability management programs, and other continuous monitoring capabilities

  • Participate in the change management process, including reviewing change requests and assisting in the assessment of security impact of proposed changes

  • Conduct daily, weekly, and monthly audit reviews and management of the audit collection system for assigned systems, boundaries, and components

  • Work on project teams responsible for engineering and packaging releases to integrate within the customer's production IT environment

  • Communicate well, both verbally and in writing, with both government and industry audiences

Basic Qualifications

  • DoD 8570.1 / DoD 8140.01 certification (IAT Level II, IAM level II, IASAE Level II)

  • Bachelor’s degree (preferably in IT, Cybersecurity, Computer Science, Information Systems Management, Engineering, or similar field of study) and have 4+ years’ experience with information networks and related security concerns; or a Master's degree with 2+ years’ experience

  • Strong background and extensive experience with RMF, ICD 503, NIST SP800-53, JSIG or DJSIG

  • Knowledge of current authorization practices, particularly within the DoD.

Preferred Qualifications

  • Experience with security efforts related to modern Windows, Cloud computing, Linux, UNIX, Cisco, SQL or Oracle databases, and virtual computing.

  • Experience implementing and using various cybersecurity tools including vulnerability assessment, patch management, audit collection, audit review, audit management, and end-point protection

Security Clearance Requirements

  • U.S. citizenship and secret clearance required

Location 

The position is onsite with client in Scottsdale, Arizona. SASSI office is located in Chantilly, VA.


Salary

Commensurate with experience


Benefits

Competitive benefits package including health and dental insurance, short-term and long-term

disability, life insurance, vision insurance, 2-week sabbatical after 5 years of employment and $5K bonus,

flexible work schedule in a remote (in person 1x a month) format, and paid time off.  


How to Apply

Please email your resume and application to careers@teamsassi.com and include the

words “Job Inquiry” in the subject line and a brief summary of your qualifications for the position in the

body of the email.

bottom of page