Haystack
← Back to Jobs
Administrative

Information Systems Security Officer (ISSO)/ISSM

Delviom LLCWashington, DC🇺🇸United StatesPosted 7 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Mid Senior

Job Description

We are seeking a Lead Information System Security Officer (ISSO) to take ownership of the planning, coordination, implementation, and enforcement of cybersecurity policies, standards, and practices for federal information systems. The ideal candidate will possess advanced knowledge of the Risk Management Framework (RMF) and Assessment & Authorization (A&A) processes, as well as the technical depth to lead and provide hands-on cybersecurity support across cloud and on-premises environments. This role will serve as a primary advisor to system owners and security stakeholders, ensuring the confidentiality, integrity, and availability of mission-critical systems.

Key Responsibilities:

  • Lead and coordinate the development, implementation, and enforcement of information system security policies, procedures, and standards.
  • Serve as the primary point of contact for all security-related activities and communications with system owners, engineers, and auditors.
  • Oversee and drive Assessment & Authorization (A&A) activities in alignment with the RMF, including the preparation and maintenance of system security documentation (SSP, SAR, RAR, POA&M).
  • Provide expert-level technical guidance and hands-on cybersecurity support for securing IT systems, including cloud platforms (AWS, Azure, Google Cloud Platform) and hybrid infrastructures.
  • Conduct and lead security risk assessments, audits, and continuous monitoring activities.
  • Mentor and guide junior ISSOs, engineers, and support personnel in applying best practices and regulatory requirements.
  • Collaborate with stakeholders to ensure compliance with NIST 800-53, FISMA, FedRAMP, and other applicable federal standards.
  • Stay informed of emerging cybersecurity threats, technologies, and compliance requirements, and proactively implement improvements.

Required Qualifications:

  • 8+ years of ISSO or cybersecurity experience supporting Federal information systems.
  • Strong leadership experience in A&A and RMF lifecycle management.
  • Proven ability to develop and manage security authorization packages and technical documentation.
  • Hands-on experience securing cloud environments (AWS, Azure, Google Cloud Platform) and traditional IT infrastructures.
  • Advanced knowledge of federal cybersecurity standards (NIST 800-53, NIST 800-37, FISMA, FedRAMP).
  • Excellent communication, leadership, and stakeholder engagement skills.
  • Professional certifications such as CISSP, CAP, CISA, Security+, or Cloud Security certifications.

Similar jobs