Information System Security Officer -W2 Only

Overview

On Site
Contract - W2
Contract - start date

Skills

LINUX
Windows
IBM System 390/zSeries
Databases (Relational and Non-Relational)
ISACA
ISC(2)
SANS GIAC and/or other Information Security Certification
FISMA or NIST compliant program

Job Details

Role: Information System Security Officer -W2 Only

Location: Columbia, SC

Duration: One Year contract with possibility of extensions

Interview Process: 2 rounds, Virtual & In Person

Position Overview

The Senior Information System Security Officer (ISSO) will serve as a key member of the Office of Cybersecurity (OCS), reporting directly to the ISSO Team Lead. This role requires an experienced cybersecurity professional to act as a trusted advisor to agency leadership, business units, partners, and vendors. The Senior ISSO will drive security and compliance initiatives, oversee system assessments, and ensure alignment with federal and state security standards.

Key Responsibilities

  • Lead the development, implementation, and maintenance of security documentation including System Security Plans (SSPs), Privacy Impact Assessments (PIAs), Interconnection Security Agreements (ISAs), and Computer Matching Agreements (CMAs).
  • Perform security architectural reviews and risk analysis on requests related to:
  • Network design and information flow
  • System/data access models
  • Firewall rules (ports, protocols, services)
  • Baseline configuration deviations
  • Vulnerability management
  • Conduct audits and assessments of internal systems and business partner security controls.
  • Serve as the primary contact for third-party audits and assessments of agency and partner systems.
  • Review and advise on security aspects of contracts, business associate agreements, and data usage/sharing agreements.
  • Provide recommendations to mitigate security and compliance risks while collaborating with leadership, vendors, and stakeholders.
  • Champion the integration of RMF/A&A activities into the System Development Life Cycle (SDLC).
  • Utilize tools such as Archer (eGRC), System Center Service Manager, Bizagi, Atlassian, and Microsoft Office for documentation, reporting, and tracking.

Required Skills & Experience

  • 5+ years of IT experience in:
  • IBM System 390/zSeries, Windows, Linux
  • Relational and Non-relational Databases
  • Networking infrastructure and web-based applications
  • Proven experience in FISMA-compliant programs (CMS MARS-E, ARC-AMPE, or RMF).
  • Hands-on experience with eGRC systems (Archer strongly preferred).
  • Strong working knowledge of FISMA, NIST, CMS MARS-E, HIPAA Security & Privacy.
  • Prior Health Information Technology experience.
  • Professional certifications required: ISC , ISACA, SANS GIAC, or equivalent.
  • Proficiency in Microsoft Office (Word, Excel, PowerPoint, Visio) with attention to detail and documentation standards.
  • Ability to collaborate across diverse teams, manage multiple priorities, and communicate effectively with both technical and non-technical stakeholders.

Preferred Qualifications

  • Bachelor's degree in Computer Science, Information Security, or related field, or 10+ years equivalent experience.
  • Prior experience with ITIL Information Security Management.
  • Familiarity with security technologies such as:
  • Firewalls, IPS, routing/switching infrastructure
  • SIEM solutions
  • IAM solutions
  • Enterprise NoSQL Databases
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.