Information System Security Officer (ISSO) - FedRAMP ...
ASSYST - Sterling, VA
Job Description
ASSYST's Information Assurance and Cyber Security Practice is seeking an Information Systems Security Officer (ISSO) with comprehensive knowledge and experience supporting the FedRAMP Program. ASSYST is currently managing Cyber initiatives for various customers including Federal, State, and Local governments. Our end-to-end services cover architecture, design, policy, monitoring, detection, remediation, compliance, awareness, and training.

Primary Job Responsibilities:
Provide Subject Matter Expertise for the FedRAMP program, including an overview of the FedRAMP Program, guidelines, and expectations.
Respond to crisis or urgent situations within the system to mitigate immediate and potential threats.
Use mitigation, preparedness, and response and recovery approaches, as needed, to maximize information security.
Oversee, evaluate, and support the documentation, validation, and accreditation processes necessary to ensure that IT systems meet the organization's security requirements.
Review all documentation (SAP, SSP, SAR, CP, etc.) for CSPs in the FedRAMP Authorization process.
Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
Maintain awareness of updates to Federal Policies, Laws, Requirements, etc. that affect the FedRAMP Program.
Provide security advice and recommendations to leadership and staff based on NIST and FIPS guidelines.
Analyze system security assessment reports.
Develop estimates of the security risks associated with the deployment of new technologies.
Use defensive measures and information collected from a variety of sources to identify, analyze, and report events.

Requirements:
Professional experience supporting information security/assurance programs, policies, processes, and procedures per various security frameworks/laws/standards/directives, e.g.: FISMA; OMB directives; Presidential Directives; NIST (SP-800 series; FIPS); HIPAA of 1996; Privacy Act.
Must have comprehensive knowledge of FISMA and FedRAMP.
Understanding of the relationships between the FedRAMP Authorization Act, FISMA, and OMB Circular A-130.
In-depth knowledge of the NIST SP 800 series documents.
Practical knowledge of IT System contingency planning.
Good understanding of continuous monitoring and continuous authorization concepts.
Good understanding of the protection of PII and PIA concepts.
Familiarity with cloud service providers such as AWS, Azure, or Google Cloud.
Good ability to articulate technical concepts, especially in the review process.

ASSYST Benefits:
We are proud to offer a robust benefits package including medical, dental, vision, 401(k) retirement plan, disability insurance, flexible spending accounts and more in order for our employees to maintain a secure work/life balance.

ASSYST is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, national origin or any other characteristic protected under federal, state, or applicable local law.
Created: 2025-01-15