CrawlJobs Logo

Senior Information Systems Security Officer

2hb.com Logo

2HB

Location Icon

Location:
United States , Annapolis Junction

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

2HB Incorporated is seeking a Senior Information Systems Security Officer to support its government customer in Annapolis Junction, MD.

Job Responsibility:

  • Enhancing security posture by supporting the program, organization, system, or enclave’s information assurance initiatives and enforcing security policies, standards, and methodologies
  • Overseeing security operations for information systems, managing daily security aspects, evaluating security solutions for classified processing, and conducting vulnerability and risk assessments for accreditation
  • Managing configuration and system integrity by administering configuration management (CM) for security software, hardware, and firmware, ensuring compliance with security controls, and assessing the impact of system changes
  • Developing and maintaining security documentation, including System Security Plans (SSPs), Risk Assessment Reports, Certification & Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)
  • Ensuring compliance with security authorization activities following the Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF)
  • Providing technical expertise in security policies and operations, supporting the implementation and maintenance of security measures, and collaborating with stakeholders to strengthen the security posture
  • Driving continuous improvement by assessing existing security processes, identifying vulnerabilities, and implementing proactive solutions to enhance system resilience

Requirements:

  • Bachelor of Science degree in Computer Science, Information Assurance, Information Security, or a related discipline, plus 12+ years of relevant experience
  • In lieu of a degree, an additional 4 years of experience may be considered
  • 7+ years of ISSO experience supporting IC or DoD programs and contracts of similar scope, type, and complexity
  • Experience with customer Info Security tool suite, as well: Latteart, Biscoti, Xacata
  • DoD 8570 compliance with IAM Level II or IAT Level III (CASP, CISSP, or Associate)
  • TS/SCI/Full Scope Polygraph Clearance

Additional Information:

Job Posted:
January 05, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
2HB - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Information Systems Security Officer

Senior Information System Security Officer

We are seeking a highly skilled and mission-driven Senior Information Systems Se...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent combination of education and experience)
  • 8+ years of progressive experience in information systems security, with at least 3 years in a senior-level or lead ISSO role supporting federal or state government agencies
  • Strong working knowledge of: NIST 800-53, RMF, FISMA, OWASP Top 10, and SANS Institute standards
  • SAFe Agile environments and integrating security in Agile workflows
  • Networking, Linux/Windows system administration, and secure software development practices
  • Cloud platforms (AWS, Azure, GCP) and related security tools (e.g., AWS Security Hub, Azure Defender)
  • Experience in managing security documentation, participating in audits, and working with compliance frameworks
  • Relevant certifications such as CISSP, CISM, Security+, CEH, or equivalent
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead the implementation and maintenance of system security controls in compliance with federal cybersecurity frameworks, including NIST SP 800-53, RMF, OWASP, DISA STIGs, and Common Criteria
  • Oversee the full lifecycle of Authorization to Operate (ATO) processes, including preparation of System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and risk assessments
  • Serve as a senior security advisor and liaison to system owners, developers, DevOps engineers, and government stakeholders
  • Participate in technical reviews of system architecture and ensure secure design of virtualized and software-defined infrastructures
  • Support integration of security controls into CI/CD pipelines using DevSecOps principles and tools (e.g., Jenkins, GitLab CI, SonarQube, Snyk)
  • Provide security engineering support for modern cloud environments, including AWS, Azure, or Google Cloud Platform, and assess cloud-native security capabilities
  • Conduct vulnerability assessments, interpret scan results from tools like Tenable, Nessus, Splunk, or Qualys, and lead remediation efforts
  • Mentor junior ISSOs and analysts on security policies, best practices, and tool usage
  • Ensure continuous monitoring activities are aligned with organizational risk tolerance and compliance goals
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Information Systems Security Officer

The Information Systems Security Officer (ISSO) is responsible for safeguarding ...
Location
Location
United States; Canada , Athens, Georgia; Atlanta, Georgia; Toronto, Ontario
Salary
Salary:
Not provided
docebo.com Logo
Docebo
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in information systems security, with a focus on compliance with NIST and DoD guidelines
  • In-depth knowledge of FedRAMP, NIST SP 800-37, NIST SP 800-53, and DoD 8510.01 policies and procedures
  • Strong technical writing skills for developing SOPs, work instructions, and senior-level briefs
  • Proficient in risk and vulnerability assessment, security infrastructure design, and continuous monitoring
  • Prior experience on obtaining FedRamp ATO
Job Responsibility
Job Responsibility
  • Own the FedRAMP/DoD RMF authorization lifecycle for assigned systems (strategy → authorization → continuous monitoring → ATO maintenance)
  • Define and maintain the FedRAMP program governance model, roles & responsibilities (including Sponsor/Authorizing Official interactions)
  • Create, own, maintain, and version-control the System Security Plan (SSP), Security Assessment Report (SAR), continuous monitoring (ConMon) artifacts, POA&Ms, SSP annexes, and all ATO package deliverables
  • Build and run the ConMon program: define telemetry requirements, dashboards, vulnerability ingestion, thresholds, incident feed, and reporting cadence
  • Triage vulnerabilities, manage POA&Ms (track remediation owners, dates, residual risk), and ensure POA&M closure meets customer and FedRAMP expectations
  • Lead the selection, engagement, and technical coordination with 3PAOs and any external assessors. Ensure assessments, testing, and SAR content are accurate and timely
  • Evaluate security impact for architectural or operational changes (Security Impact Analysis), own risk acceptance processes, and coordinate Risk Acceptance with Sponsors/Authorizing Officials
  • Integrate change control with the ConMon program to ensure authorized/approved changes are documented and do not break control baselines
  • Act as the primary internal liaison across Product, Engineering, DevOps, Security, Sales, Legal, and Marketing for anything impacting the FedRAMP posture and ATO timelines. Drive working groups and weekly syncs
  • Support pre-sales and customer conversations on FedRAMP posture and timelines alongside Sales
What we offer
What we offer
  • Generous Vacation Policy, plus extra floating holidays to use for religious or cultural events that matter to you
  • Employee Share Purchase Plan
  • Career progression/internal mobility opportunities
  • Four employee resource groups to get involved with (the Docebo Women's Alliance, PRIDE, BIDOC, and Green Ambassadors)
  • WeWork partnership and “Work from Anywhere” program
  • Fulltime
Read More
Arrow Right

Senior Information Security Officer

In a world of technology, people make the difference. We believe if we invest in...
Location
Location
United States , Reston
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrates strong experience with IC/DoD customer's Assessment and Authorization (A&A) process (e.g., RMF, NIST800-53, ICD503)
  • Experience in developing and implementing DoD/DIA approved information security controls, procedures and documentation for the operation of standalone classified systems
  • A Bachelor’s Degree from an accredited institute in an area applicable to this position and eight (8) years of relevant experience
  • An additional four (4) years of relevant experience may be substituted for the bachelor’s degree
  • Must presently be 8570 compliant (IAT Level 2 preferred)
  • Experience with one or more commercial government cloud service provider’s system accreditation processes
  • Experience with the Xacta
  • Experience as a Cybersecurity Control Assessor
  • Experience with Ongoing Authorizations and Assessments
  • Experience with C2S Cloud, or DevOpsSec
Job Responsibility
Job Responsibility
  • Provide subject matter expertise and consulting on security related matters for enterprise information system and network architectures, access problems, and implementation of security policies and procedures
  • Assist in overseeing and managing day-to-day operation of Information Systems
  • Optimize system operation and resource utilization and performs system capacity planning/analysis while maintaining the security posture
  • Assist team in DIA’s Authorization and Accreditation (A&A) process using RMF across the design lifecycle for classified systems obtaining and maintaining Interim Authority to Operate (ATO), ATO and Authority to Connect (ATC)
  • Create and process RMF authorization packages from submission to approval/disapproval
  • Develop and maintain IT security documents, including system security plans, risk assessments, Plan of Action and Milestones (POA&M), contingency plans, incident response plans, IT security policies and procedures
  • Provide recommendations regarding remediation and mitigation of identified vulnerabilities by developing plan of action and milestones (POA&Ms)
  • Advise developers on integrating security requirements
  • Demonstrate a strong understanding of Networks, Cloud, and IT system security authorization procedures
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Senior Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...
Location
Location
United States , Washington
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of six (6) years of hands-on experience in cybersecurity and expert knowledge of Governance Risk and Compliance
  • At least three (3) years supporting and maintaining system authorizations for complex systems
  • Demonstrated expertise in the Risk Management Framework (RMF), NIST SP 800-53 Rev 5, and related federal cybersecurity policies
  • Extensive experience managing ATO/ATT processes, security control assessments, POA&M lifecycle, vulnerability management, and audit response
  • Strong leadership experience mentoring junior and mid-level ISSOs and interfacing with senior government leadership
  • Must possess at least two of the following active certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Information Systems Security Management Professional (ISSMP), Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), CompTIA Security+, Project Management Professional (PMP)
  • Proficiency in tools such as JCAM, Tenable Nessus, BigFix and Splunk
  • Ability to develop, review, and present high-level security documentation and briefings
  • Strong understanding of cloud platforms (IaaS, PaaS, SaaS), supply chain risk management, and incident response procedures
Job Responsibility
Job Responsibility
  • Support the maintenance of security documentation and support system ATO and ATT efforts
  • Conduct security control assessments and provide recommendations for remediation
  • Perform biweekly audit log and vulnerability scan reviews and track POA&M items
  • Collaborate with system owners and technical teams to manage risk and respond to incident
  • Support Ongoing Authorization (OA) and continuous monitoring activities
  • Prepare and brief senior leadership on system security posture and compliance metric
  • Ensure alignment with cybersecurity policies and NIST SP 800-53, 800-37, and 800-137
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Mid-Level Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...
Location
Location
United States , Washington, DC
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of four (4) years of hands-on experience in cybersecurity
  • Knowledge of Governance Risk and Compliance with at least one (1) year maintaining an Authorization to Operate (ATO) for a moderate or high-impact federal information system
  • Strong working knowledge with Federal policies, program standards, and NIST Special Publications guidelines
  • Experience drafting, reviewing, and maintaining system security documentation
  • Proficient in using various security tools
  • Strong communication, written, and presentation skills
  • Provide support and mentorship for Tier I ISSOs
  • Familiarity with vulnerability scanning tools and interpreting results
  • Must possess at least one of the following certifications: CISSP, CISM, CGRC, CRISC, ISSMP, CISA, CCSP, CEH, CompTIA Security+, PMP
Job Responsibility
Job Responsibility
  • Support the maintenance of security documentation and support system ATO and ATT efforts
  • Conduct security control assessments and provide recommendations for remediation
  • Perform biweekly audit log and vulnerability scan reviews and track POA&M items
  • Collaborate with system owners and technical teams to manage risk and respond to incident
  • Support Ongoing Authorization (OA) and continuous monitoring activities
  • Prepare and brief senior leadership on system security posture and compliance metric
  • Ensure alignment with DOJ cybersecurity policies and NIST SP 800-53, 800-37, and 800-137
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Junior Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...
Location
Location
United States , Washington, DC
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • In lieu of a degree, a minimum of two (2) years of hands-on relevant experience is required
  • Minimum two (2) years of hands-on experience in Governance Risk and Compliance and the RMF process
  • Proficient with Federal policies, program standards, and NIST Special Publications guidelines to include but not limited to such as NIST SP 800-53, 800-37, 800-137
  • Experience supporting system security documentation, control assessments, and ATO or ATT packages for low to moderate-impact systems
  • Proficient on how to use various security tools, such as but not limited to: JCAM (or an equivalent GRC tool), Tenable, BigFix, and Splunk (or SIEM), and/or equivalent
  • Familiarity with tools such as JCAM and common security documentation templates
  • Exposure to POA&M tracking, audit support, and vulnerability scanning processes
  • Ability to draft and maintain basic cybersecurity documentation (e.g., SSP, CMP, IRP)
  • Detail-oriented with solid organizational and documentation skills
Job Responsibility
Job Responsibility
  • Support the development and maintenance of ATO/ATT documentation for low to moderate-impact systems
  • Assist with system security assessments and control evaluations under the Risk Management Framework (RMF)
  • Maintain security artifacts and documentation in JCAM
  • Conduct biweekly reviews of system logs and vulnerability scan results
  • Track and manage POA&Ms in coordination with senior ISSOs and system owners
  • Participate in continuous monitoring, training exercises, and contingency planning events
  • Ensure compliance with cybersecurity policies and NIST SP 800-53 control
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Senior Information Security & OT Officer

Senior Information Security & OT Officer role at METLEN Energy & Metals, focusin...
Location
Location
Greece , Athens
Salary
Salary:
Not provided
https://www.metlengroup.com Logo
Metlen Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information science, Information systems or a related scientific field
  • Master’s degree will be considered an asset
  • +5 years of experience in Information Security or Cybersecurity roles
  • Strong technical background in cybersecurity and OT security
  • Proven experience in managing information security in OT environments is a strong plus
  • Solid understanding of ISO 27001, ISA/IEC 62443, and NIS2 directives
  • Strong knowledge of risk management methodologies and compliance frameworks
  • Excellent collaboration and communication skills for multi-site and cross-border coordination
Job Responsibility
Job Responsibility
  • Respond to audit requirements for all international sites including factories, energy plants, and solar fields
  • Participate in cyber incident response processes related to international and local industrial installations
  • Guide technical leaders and support information security compliance in Greek and international operations
  • Propose cybersecurity architectures and solutions to safeguard operational technology (OT) infrastructure
  • Participate in management committees to inform senior leadership on cyber risks and compliance issues
  • Work closely with international IT business partners on cybersecurity topics across the global footprint
What we offer
What we offer
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan
  • Fulltime
Read More
Arrow Right

Security Compliance Officer

As an IT compliance manager, you are part of the information security team. This...
Location
Location
Netherlands , Diemen
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
February 28, 2026
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Technology, Cybersecurity, or a related field
  • Certified Lead Auditor in ISO 27001:2013 or 2022 standard
  • At least 5 years of experience in conducting internal audits and implementing information security best practices
  • Strong understanding of information security principles, controls, and frameworks
  • Basic understanding and some experience in Third-Party Risk Management (TPRM) is preferred but not mandatory
  • Excellent communication and interpersonal skills, with the ability to collaborate effectively with diverse teams
  • Able to prepare concise reports for senior management, including C-level
  • Proficiency in relevant tools and technologies related to information security auditing
  • Good command of the English language
  • Excellent analytical skills
Job Responsibility
Job Responsibility
  • Improve Information security 2nd line of defense role at Randstad Global, in overseeing risk and monitoring of IT and IS related first-line-of-defense controls in our Operating Companies/markets
  • Conduct periodic internal compliance reviews / audits to assess and enhance the effectiveness of the information security management system of operating companies/markets , adhering to ISO 27001 standard
  • Ensure compliance with regulatory requirements and industry best practices
  • Perform gap analysis to evaluate the effectiveness and compliance of operational processes with our corporate security policies and guidelines
  • and provide recommendations to identify areas for improvement, with proposed remediation
  • Provide guidance to our colleagues located globally in becoming compliant with our control frameworks
  • Prepare comprehensive audit reports, highlighting findings and recommendations for improvement
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Poland Jobs Ireland Jobs Germany Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy