Information Systems Security Officer (ISSO Lead) (R-00047)

2 hours, 2 minutes ago
Full-time
Lead
DevOps and Infrastructure
True Zero Technologies

True Zero Technologies specializes in cybersecurity programs and software solutions, focusing on proactive defense and IT engineering services.

Internet Software & Services
11-50
Founded 2016

Description

  • Maintain the overall operational security posture and manage day-to-day security operations for assigned information systems.
  • Develop, review, and maintain security and authorization documentation, including SSPs, risk assessment reports, C&A packages, and SRTMs.
  • Perform vulnerability and risk assessment analyses to support assessment and authorization activities.
  • Ensure security controls are implemented and maintained in accordance with the SSP and organizational security policies, standards, and procedures.
  • Support security authorization activities in compliance with NIST Risk Management Framework (RMF).
  • Provide configuration management for security software, hardware, and firmware, and lead Change Control Board meetings.
  • Advise the Information System Owner, Business Process Owner, and CISO/ISSM on system security matters.
  • Provide guidance and security expertise to program leadership.
  • Support ATO/ATC decision-making and operational practices.
  • Maintain awareness of emerging IT and cybersecurity technologies.

Requirements

  • 5+ years of experience in a related field, or a BA/BS in Computer Science or a related discipline from an accredited college or university.
  • CISSP and/or CISM certification is required.
  • Experience with Federal DevSecOps frameworks and processes.
  • Experience with IS accreditors, policies, and procedures supporting ATO/ATC decision making and operations.
  • Experience with RMF, NIST SP 800-53, STIGs, and/or SCAP Compliance Checker.
  • Knowledge of and experience leading the assessment and authorization (A&A) process.
  • Knowledge of IT security principles and methods such as firewalls, demilitarized zones, and encryption.
  • Experience preparing detailed SSPs to achieve ATO objectives.
  • Excellent verbal and written communication skills with the ability to influence and collaborate with leadership, peers, and team members.
  • Must be approved to work in the United States and have an active clearance, or be willing to submit to a clearance/background investigation process.

Benefits

  • Competitive salary paid twice per month.
  • Best-in-class medical coverage with 100% of medical premiums covered by the company.
  • Company-wide new business incentive programs.
  • Contribution incentives for white papers, blog posts, internal webinars, and similar activities.
  • 3 weeks of PTO to start plus 11 paid holidays annually.
  • 401(k) program with 100% company match on the first 4%.
  • Monthly reimbursement for cell phone and home internet costs.
  • Paternity and maternity leave.
  • Investment in training and certifications to expand technical skills.
