Information Systems Security Officer; ISSO
Job in
Chantilly, Fairfax County, Virginia, 22021, USA
Listed on 2026-01-12
Listing for:
Nava
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, IT Consultant, Information Security
Job Description & How to Apply Below
Be Challenged and Make a Difference
In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At Ana Vation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.
Description of Task to be Performed
Ana Vation is seeking a mid-level ISSO for our mission critical customer in Washington, DC. You will work as part of a highly talented team providing security compliance expertise on high priority projects.
Daily duties include, but are not limited to:
- Developing, maintaining, and assessing Security Assessment & Authorization (SA&A) packages resulting in an authority to operate (ATO) for IT systems.
- Creating and maintaining SSPs and supporting documentation in accordance with agency guidelines and directives. This includes writing implementation statements, creating supporting documentation (e.g., Contingency Plans, Incident Response Plans, Account Management Plans, etc.), and performing self-assessments, while working with system stakeholders.
- Developing, coordinating, testing, and training personnel on Incident Response Plans and Contingency Plans.
- Ensuring that information systems are accredited, maintain their ATO, and are being continuously monitored.
- Performing risk assessments for government systems, to include cloud-based systems.
- Performing security control assessments to include collecting supporting artifacts/evidence and interviewing system owner/owner representatives.
- Having an in-depth knowledge of the Risk Management Framework (RMF).
- Maintaining and tracking system POA&Ms.
- Conducting vulnerability management and analysis.
- Reviewing and analyzing government policy.
- Improving on processes and procedures and making recommendations to improve the security posture of the agency's IT systems and applications.
This position requires a Top-Secret clearance with SCI eligibility and the ability to obtain a CI Poly. This position is on-site in Washington DC with no remote option.
Required Qualifications
- Bachelor’s in Computer Science, or other related analytical, scientific, or technical discipline
- 4+ years’ experience with NIST, FISMA, and Security Assessment & Authorization.
- Knowledgeable on various security-related NIST publications (e.g., SP 800-53r5, SP 800-53A, SP 800-18r1, etc.)
- In-depth knowledge of information security principles, methodologies, and best practices.
- Experience in conducting risk assessments and implementing security controls.
- Proficiency in using security tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability management tools.
- Knowledge of incident response procedures.
- Ability to obtain a CI Poly.
- Can be on-site 5 days a week.
Desirable Qualifications (Education/Certificates, Experience, Physical, etc.):
- Certifications: CISSP
- FedRAMP and Cloud experience (e.g., Azure, AWS, Oracle (OCI))
- Hands-on experience using a Governance, Risk, and Compliance tool, such as CSAM or eMASS.
- Ability to conduct gap analysis on non-federated vendor audit results, such as SOC Type 2, HIPAA comparison review and analysis against NIST SP 800-53 Revision 5 security controls.
- Ability to accurately manage complex work streams, comprehend the application of the RMF, and understand the application of security controls across the interface, application, operating system, network, and database layers of modern information systems. Understand the applicable artifacts used as evidence to assess compliance.
- Experience with multiple tools providing security functions such as vulnerability management (e.g., Nessus), configuration management (e.g., BigFix, SCCM, ePO), endpoint protection (e.g., antivirus, ATP), data loss prevention, and intrusion detection software and hardware.
- Ability to evaluate data flows, network diagrams, and logical security boundaries.
- Familiarity with the use of data analysis tools, including the use of Microsoft Excel or Power BI to combine data from multiple sources.
- Generous cost sharing for medical insurance for the employee and dependents
- 100% company paid dental insurance for employees and dependents
- 100% company paid long-term and…