Information System Security Officer (ISSO) Lead

About the Organization

Now is a great time to join Redhorse Corporation. We are a solution-driven company delivering data insights and technology solutions to customers with missions critical to U.S. national interests. We're looking for thoughtful, skilled professionals who thrive as trusted partners building technology-agnostic solutions and want to apply their talents supporting customers with difficult and important mission sets.

About the Role

Redhorse is seeking a highly skilled Information System Security Officer (ISSO) Lead to support our critical work with the Federal Communications Commission (FCC). As the primary liaison between the FCC Cybersecurity Group and system stakeholders, you will play a vital role in ensuring the security and compliance of the FCC's IT infrastructure. Your expertise will directly impact the agency's ability to maintain its operational integrity and protect sensitive data. This is an opportunity to make a significant contribution to the nation's communications infrastructure security.

Key Responsibilities

• Serve as the primary liaison between the FCC Cybersecurity Group, Information System Owner (SO), Enterprise Common Control Provider (ECCP), and Information Owner.
• Verify that applications and support systems meet information security policies, including continuous vulnerability scans, patch management, and configuration management.
• Ensure compliance with commercial and open-source software requirements through FCC OCIO Governance Boards.
• Assist with reporting and investigating information security incidents to the Cybersecurity Group Security Operations Center (SOC).
• Identify security categorization and control selection of information systems following established methodology.
• Coordinate Initial Privacy Assessments (IPAs) and Privacy Impact Assessments (PIAs).
• Perform real-time monitoring of assigned information systems through dashboarding capabilities.
• Draft, review, and update information system continuous monitoring plans based on changes in risk, control selection, laws, and guidelines.
• Review tiered information security reports and participate in briefings with system owners, CISO, and Authorizing Officials.
• Prepare Security Posture Reports with adjusted metrics.
• Manage Plan of Action and Milestones (POA&M) activities and vulnerability management across FCC networks and projects.

Required Experience/Clearance

• with a Top Secret US government clearance. Applicants who are not s and who do not have a current and active Top Secret security clearance will not be considered for this role.
• Bachelor's degree in Cybersecurity, Information Systems, or a related field.
• 5+ years of related management experience in information system security.
• Core competencies in Risk Management Framework (RMF), information assurance, continuous monitoring, and POA&M management.
• Knowledge, skills, tasks, and capabilities described in NICE work role Systems Security Management (OG-WRL-014).
• Ability to perform any and all functions associated with this effort.
• Required Certifications: Certified Information Systems Security Professional (CISSP).
• Clearance Requirements: Secret (S) clearance with eligibility for Top Secret.
• Location: On-site at FCC headquarters; some telework may be available.

Desired Experience

• Experience with specific vulnerability scanning tools (e.g., Nessus, Qualys).
• Experience with specific patch management systems.
• Familiarity with specific security information and event management (SIEM) systems.
• Experience working within the Federal Government.
• Advanced certifications beyond CISSP (e.g., CISM, CRISC).

Equal Opportunity Employer/Veterans/Disabled

Accommodations:

If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to access job openings or apply for a job on this site as a result of your disability. You can request reasonable accommodations by contacting Talent Acquisition at

Redhorse Corporation shall, in its discretion, modify or adjust the position to meet Redhorse's changing needs.

This job description is not a contract and may be adjusted as deemed appropriate in Redhorse's sole discretion.