Overview
Skills
Job Details
ISSO Location: Chantilly, VA
Work Type: Onsite
Remote Work: NO
Job Description
Gridiron IT is looking for an ISSO to support a federal contract in Chantilly, VA
Responsibilities:
- Implement and maintain a Continuous Monitoring program aligned with RMF and NIST SP 800-137 guidelines.
- Conduct regular security assessments and vulnerability scans of information systems.
- Monitor security controls and their effectiveness in real-time.
- Analyze security-related information to identify trends and potential threats.
- Prepare and maintain documentation for security status reporting.
- Collaborate with system owners and other stakeholders to address security findings and implement remediation plans.
- Assist in the development and updating of System Security Plans (SSPs) and other RMF documentation.
- Support the Authorization to Operate (ATO) process for information systems.
- Stay current with evolving cybersecurity threats, technologies, and compliance requirements.
- Participate in incident response activities as needed.
- BS/BA or equivalent experience and a minimum 7 yrs related work.
- Security+ required
- 2-5 years of experience in information security, with a focus on continuous monitoring and RMF.
- Strong knowledge of NIST SP 800 series publications, particularly SP 800-37, SP 800-53, and SP 800-137.
- Familiarity with Federal information security regulations and guidelines (e.g., FISMA, FedRAMP).
- Experience with security tools such as vulnerability scanners, SIEM systems, and GRC platforms.
- Strong analytical and problem-solving skills.
- Excellent written and verbal communication skills.
- Ability to work effectively in a team environment and collaborate with various stakeholders.
Desired:
Relevant certifications such as Security+, CISSP, CISM, or CAP.
Experience working in a government or government contractor environment.
Familiarity with automation tools for continuous monitoring processes.
Tenable experience.
Experience with Splunk.
Qmulos Q-Audit experience.
This position plays a crucial role in maintaining the security posture of our information systems and ensuring compliance with Federal cybersecurity requirements. The successful candidate will contribute to the organization's overall risk management strategy and help protect critical assets from evolving cyber threats.
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. Requires TS/SCI CI Polygraph clearance.
Compensation and Benefits
Salary Range: $100,000 - $180,000/yr (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.) Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron s benefits programs. Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status. Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.