Information Systems Security Officer – Lead

🕒 April 21


True Zero Technologies, LLC

11 - 50 employees

🔒 Cybersecurity

🏢 Enterprise

☁️ SaaS

True Zero Technologies, LLC is a veteran-owned company specializing in cybersecurity solutions. The company offers a range of services including security engineering and architecture, emerging technology adoption, cyber operations, cyber threat intelligence, penetration testing, and information assurance. True Zero is also recognized for its managed services and cloud security capabilities. The company partners with technology leaders such as Tanium, Splunk, Cribl, and Zscaler to deliver high-impact, high-value solutions that help organizations innovate while enhancing their security and operational programs. True Zero is committed to empowering organizations with actionable insights to secure their IT environments effectively.

📋 Description

• Maintaining the overarching operational security posture and managing the day-to-day security operations of your assigned Information System (IS);
• Developing, reviewing, and maintaining security and authorization documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs);
• Performing vulnerability/risk assessment analyses to support assessment and authorization (A&A);
• Ensuring the implementation and maintenance of security controls in accordance with the SSP and the organization's security policies, standards, and procedures;
• Supporting security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
• Providing configuration management (CM) for IS security software, hardware, and firmware, and leading Change Control Board (CCB) meetings; and,
• Providing guidance and security expertise to program leadership.
• Lead ISSO support activities across assigned systems, projects, or operational areas
• Support RMF implementation and authorization and accreditation activities for federal systems
• Support FISMA reporting, data calls, and related compliance deliverables
• Help maintain system security posture in alignment with federal cybersecurity requirements
• Review, analyze, and support updates to IT, cybersecurity, and privacy policies and procedures
• Coordinate with technical teams, system owners, and government personnel on security matters
• Support risk management, security documentation, and control validation activities
• Assist with security control assessments, issue tracking, and remediation coordination
• Support audit response activities and compliance-related reviews
• Use MITRE ATT&CK to help communicate monitoring and control gaps, support risk discussions, and inform remediation recommendations
• Provide leadership for ISSO processes, practices, and quality of work products
• Prepare reports, recommendations, and briefings for leadership and stakeholders
• Ensure timeliness, accuracy, and completeness of ISSO-related deliverables

🎯 Requirements

• Experience with and knowledge of Federal DevSecOps frameworks and processes
• Clearance Required-Secret Clearance (Interim)
• Experience with IS accreditors, policies, and procedures to support Authority to Operate (ATO)/Authority to Connect (ATC) decision making and operational practices.
• Experience with RMF, NIST SP 800-53, Security Technical Implementation Guides (STIGs), and/or Security Content Automation Protocol (SCAP) Compliance Checker
• Knowledge of and experience leading the A&A process
• Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
• Experience in preparing detailed SSPs to achieve ATO objectives.
• Knowledge of new and emerging IT and cybersecurity technologies.
• 7–10 years of experience in cybersecurity assurance
• Strong experience supporting RMF, authorization and accreditation, system security oversight, and compliance activities
• Experience supporting FISMA reporting, security documentation, and control validation efforts
• Experience working with cybersecurity policies, procedures, and governance requirements in federal environments
• Familiarity with MITRE ATT&CK and the ability to use it to communicate monitoring or control gaps and support remediation discussions
• Ability to coordinate across technical and non-technical stakeholders in support of secure system operations
• Strong analytical, organizational, and communication skills
• Ability to produce clear written documentation, assessments, and status reporting
• Experience supporting mature ISSO practices in enterprise environments
• CISSP will be a requirement for consideration

🏖️ Benefits

• Competitive salary, paid twice per month
• Best in class medical coverage
• 100% of medical premiums covered by True Zero
• Company wide new business incentive programs
• Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
• 3 weeks of PTO starting + 11 Paid Holidays Annually
• 401k Program with 100% company match on the first 4%
• Monthly reimbursement of Cell Phone and Home Internet costs
• Paternity/Maternity Leave
• Investment in training and certifications to broaden and deepen your technical skills
