ISSO/ISCM Lead:
ISSO/ISCM Lead responsible for the strategic coordination of compliance, authorization support, and the comprehensive execution of the Information Security Continuous Monitoring (ISCM) program. This role leads the Risk Management Framework (RMF) and A&A lifecycle, ensuring that all security artifacts, including System Security Plans (SSP), Configuration Management Plans (CMP), and Disaster Recovery Plans (DRP), are continuously maintained and updated to reflect the current operational environment. Beyond documentation oversight, the Lead facilitates proactive internal controls testing and internal Security Control Assessments (SCA) to verify that security controls remain effective over time. They act as the primary liaison between business functions and the Office of the CISO, coordinating weekly security meetings and managing the end-to-end lifecycle of POA&Ms, risk acceptances, and configuration deviations tracked directly to the system's authorization boundary. Additionally, this individual manages the collection of investigation artifacts for internal and external audits, such as FISMA and OIG, ensuring all evidence meets oversight quality standards.
Minimum Qualifications
Proposed personnel possess education, certifications, training, and relevant experience appropriate to their assigned labor category. Personnel shall demonstrate experience performing similar work in enterprise cybersecurity, network operations, security engineering, security compliance, vulnerability management, or related environments of comparable scale, complexity, or criticality.
Key Personnel shall possess demonstrated experience leading or supporting enterprise-level cybersecurity service delivery, operational coordination, engineering support, or compliance support in complex environments.
At a minimum, the following certifications are required:
ISSO Lead: CISSP or equivalent information security governance/risk certification
Never miss an opportunity! Create an alert based on the job you applied for.