The Senior Information System Security Officer (ISSO) Consultant role involves leading security, risk, and compliance activities for large-scale information systems. The consultant will implement and maintain security and compliance programs aligned with regulatory standards, advise stakeholders on cybersecurity risk management, and serve as a primary point of contact for audits and assessments.
Location: Columbia, South Carolina, United States; Washington, District of Columbia, United States
Responsibilities:
- Lead and support security and compliance initiatives aligned with FISMA, NIST, CMS MARS-E, and HIPAA.
- Develop, maintain, and review RMF/A&A artifacts including SSPs, PIAs, ISAs, and related documentation.
- Integrate security controls and compliance activities into the System Development Life Cycle (SDLC).
- Perform security architecture reviews, risk assessments, and vulnerability evaluations.
- Review firewall rules, access models, data flows, and configuration deviation requests.
- Conduct audits and assessments of internal systems and third-party vendors.
- Serve as primary point of contact for third-party audits and assessments.
- Review contracts and data-sharing agreements for security and compliance requirements.
- Provide risk mitigation recommendations to leadership and stakeholders.
- Document findings and reports using standard enterprise tools.
Required Skills & Certifications:
- 5+ years of IT security experience working with or auditing Windows and Linux systems, databases, networking, and web-based applications.
- Prior experience working within a FISMA-compliant program.
- Experience with eGRC platforms.
- Strong working knowledge of NIST, FISMA, HIPAA, and CMS MARS-E.
- Ability to work independently and collaboratively in a consulting environment.
- One or more active security certifications such as ISC2, ISACA, or SANS GIAC.
- Bachelor's degree in a related field or equivalent professional experience.
Preferred Skills & Certifications:
- Experience with cloud security and vendor risk management.
- Familiarity with SIEM, IAM, firewalls, and intrusion prevention systems.
- ITIL experience related to Information Security Management.
- Prior healthcare or public-sector IT experience.
Special Considerations:
- In-person interviews are required.
Scheduling:
- Not specified.