Senior Information Systems Security Officer Job at 2HB (Annapolis Junction)

Senior Information System Security Officer

We are seeking a highly skilled and mission-driven Senior Information Systems Se...

Location

United States , Clarksburg

Salary:

Not provided

Innovative Management & Technology Services

Expiration Date

Until further notice

Requirements

Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent combination of education and experience)
8+ years of progressive experience in information systems security, with at least 3 years in a senior-level or lead ISSO role supporting federal or state government agencies
Strong working knowledge of: NIST 800-53, RMF, FISMA, OWASP Top 10, and SANS Institute standards
SAFe Agile environments and integrating security in Agile workflows
Networking, Linux/Windows system administration, and secure software development practices
Cloud platforms (AWS, Azure, GCP) and related security tools (e.g., AWS Security Hub, Azure Defender)
Experience in managing security documentation, participating in audits, and working with compliance frameworks
Relevant certifications such as CISSP, CISM, Security+, CEH, or equivalent
Active Top Secret clearance is required
U.S. Citizenship is required

Job Responsibility

Lead the implementation and maintenance of system security controls in compliance with federal cybersecurity frameworks, including NIST SP 800-53, RMF, OWASP, DISA STIGs, and Common Criteria
Oversee the full lifecycle of Authorization to Operate (ATO) processes, including preparation of System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and risk assessments
Serve as a senior security advisor and liaison to system owners, developers, DevOps engineers, and government stakeholders
Participate in technical reviews of system architecture and ensure secure design of virtualized and software-defined infrastructures
Support integration of security controls into CI/CD pipelines using DevSecOps principles and tools (e.g., Jenkins, GitLab CI, SonarQube, Snyk)
Provide security engineering support for modern cloud environments, including AWS, Azure, or Google Cloud Platform, and assess cloud-native security capabilities
Conduct vulnerability assessments, interpret scan results from tools like Tenable, Nessus, Splunk, or Qualys, and lead remediation efforts
Mentor junior ISSOs and analysts on security policies, best practices, and tool usage
Ensure continuous monitoring activities are aligned with organizational risk tolerance and compliance goals

What we offer

competitive compensation
excellent benefits including tuition reimbursement and employer-contributed 401K
referral bonuses

Fulltime

Information Systems Security Officer

The Information Systems Security Officer (ISSO) is responsible for safeguarding ...

Location

United States; Canada , Athens, Georgia; Atlanta, Georgia; Toronto, Ontario

Salary:

Not provided

Docebo

Expiration Date

Until further notice

Requirements

8+ years of experience in information systems security, with a focus on compliance with NIST and DoD guidelines
In-depth knowledge of FedRAMP, NIST SP 800-37, NIST SP 800-53, and DoD 8510.01 policies and procedures
Strong technical writing skills for developing SOPs, work instructions, and senior-level briefs
Proficient in risk and vulnerability assessment, security infrastructure design, and continuous monitoring
Prior experience on obtaining FedRamp ATO

Job Responsibility

Own the FedRAMP/DoD RMF authorization lifecycle for assigned systems (strategy → authorization → continuous monitoring → ATO maintenance)
Define and maintain the FedRAMP program governance model, roles & responsibilities (including Sponsor/Authorizing Official interactions)
Create, own, maintain, and version-control the System Security Plan (SSP), Security Assessment Report (SAR), continuous monitoring (ConMon) artifacts, POA&Ms, SSP annexes, and all ATO package deliverables
Build and run the ConMon program: define telemetry requirements, dashboards, vulnerability ingestion, thresholds, incident feed, and reporting cadence
Triage vulnerabilities, manage POA&Ms (track remediation owners, dates, residual risk), and ensure POA&M closure meets customer and FedRAMP expectations
Lead the selection, engagement, and technical coordination with 3PAOs and any external assessors. Ensure assessments, testing, and SAR content are accurate and timely
Evaluate security impact for architectural or operational changes (Security Impact Analysis), own risk acceptance processes, and coordinate Risk Acceptance with Sponsors/Authorizing Officials
Integrate change control with the ConMon program to ensure authorized/approved changes are documented and do not break control baselines
Act as the primary internal liaison across Product, Engineering, DevOps, Security, Sales, Legal, and Marketing for anything impacting the FedRAMP posture and ATO timelines. Drive working groups and weekly syncs
Support pre-sales and customer conversations on FedRAMP posture and timelines alongside Sales

What we offer

Generous Vacation Policy, plus extra floating holidays to use for religious or cultural events that matter to you
Employee Share Purchase Plan
Career progression/internal mobility opportunities
Four employee resource groups to get involved with (the Docebo Women's Alliance, PRIDE, BIDOC, and Green Ambassadors)
WeWork partnership and “Work from Anywhere” program

Fulltime

Senior Information Security Officer

In a world of technology, people make the difference. We believe if we invest in...

Location

United States , Reston

Salary:

Not provided

AnaVation

Expiration Date

Until further notice

Requirements

Demonstrates strong experience with IC/DoD customer's Assessment and Authorization (A&A) process (e.g., RMF, NIST800-53, ICD503)
Experience in developing and implementing DoD/DIA approved information security controls, procedures and documentation for the operation of standalone classified systems
A Bachelor’s Degree from an accredited institute in an area applicable to this position and eight (8) years of relevant experience
An additional four (4) years of relevant experience may be substituted for the bachelor’s degree
Must presently be 8570 compliant (IAT Level 2 preferred)
Experience with one or more commercial government cloud service provider’s system accreditation processes
Experience with the Xacta
Experience as a Cybersecurity Control Assessor
Experience with Ongoing Authorizations and Assessments
Experience with C2S Cloud, or DevOpsSec

Job Responsibility

Provide subject matter expertise and consulting on security related matters for enterprise information system and network architectures, access problems, and implementation of security policies and procedures
Assist in overseeing and managing day-to-day operation of Information Systems
Optimize system operation and resource utilization and performs system capacity planning/analysis while maintaining the security posture
Assist team in DIA’s Authorization and Accreditation (A&A) process using RMF across the design lifecycle for classified systems obtaining and maintaining Interim Authority to Operate (ATO), ATO and Authority to Connect (ATC)
Create and process RMF authorization packages from submission to approval/disapproval
Develop and maintain IT security documents, including system security plans, risk assessments, Plan of Action and Milestones (POA&M), contingency plans, incident response plans, IT security policies and procedures
Provide recommendations regarding remediation and mitigation of identified vulnerabilities by developing plan of action and milestones (POA&Ms)
Advise developers on integrating security requirements
Demonstrate a strong understanding of Networks, Cloud, and IT system security authorization procedures

What we offer

Generous cost sharing for medical insurance for the employee and dependents
100% company paid dental insurance for employees and dependents
100% company paid long-term and short term disability insurance
100% company paid vision insurance for employees and dependents
401k plan with generous match and 100% immediate vesting
Competitive Pay
Generous paid leave and holiday package
Tuition and training reimbursement
Life and AD&D Insurance

Fulltime

Senior Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...

Location

United States , Washington

Salary:

Not provided

AnaVation

Expiration Date

Until further notice

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, or a related field
Minimum of six (6) years of hands-on experience in cybersecurity and expert knowledge of Governance Risk and Compliance
At least three (3) years supporting and maintaining system authorizations for complex systems
Demonstrated expertise in the Risk Management Framework (RMF), NIST SP 800-53 Rev 5, and related federal cybersecurity policies
Extensive experience managing ATO/ATT processes, security control assessments, POA&M lifecycle, vulnerability management, and audit response
Strong leadership experience mentoring junior and mid-level ISSOs and interfacing with senior government leadership
Must possess at least two of the following active certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Information Systems Security Management Professional (ISSMP), Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), CompTIA Security+, Project Management Professional (PMP)
Proficiency in tools such as JCAM, Tenable Nessus, BigFix and Splunk
Ability to develop, review, and present high-level security documentation and briefings
Strong understanding of cloud platforms (IaaS, PaaS, SaaS), supply chain risk management, and incident response procedures

Job Responsibility

Support the maintenance of security documentation and support system ATO and ATT efforts
Conduct security control assessments and provide recommendations for remediation
Perform biweekly audit log and vulnerability scan reviews and track POA&M items
Collaborate with system owners and technical teams to manage risk and respond to incident
Support Ongoing Authorization (OA) and continuous monitoring activities
Prepare and brief senior leadership on system security posture and compliance metric
Ensure alignment with cybersecurity policies and NIST SP 800-53, 800-37, and 800-137

What we offer

Generous cost sharing for medical insurance for the employee and dependents
100% company paid dental insurance for employees and dependents
100% company paid long-term and short term disability insurance
100% company paid vision insurance for employees and dependents
401k plan with generous match and 100% immediate vesting
Competitive Pay
Generous paid leave and holiday package
Tuition and training reimbursement
Life and AD&D Insurance

Fulltime

Mid-Level Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...

Location

United States , Washington, DC

Salary:

Not provided

AnaVation

Expiration Date

Until further notice

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, or a related field
Minimum of four (4) years of hands-on experience in cybersecurity
Knowledge of Governance Risk and Compliance with at least one (1) year maintaining an Authorization to Operate (ATO) for a moderate or high-impact federal information system
Strong working knowledge with Federal policies, program standards, and NIST Special Publications guidelines
Experience drafting, reviewing, and maintaining system security documentation
Proficient in using various security tools
Strong communication, written, and presentation skills
Provide support and mentorship for Tier I ISSOs
Familiarity with vulnerability scanning tools and interpreting results
Must possess at least one of the following certifications: CISSP, CISM, CGRC, CRISC, ISSMP, CISA, CCSP, CEH, CompTIA Security+, PMP

Job Responsibility

Support the maintenance of security documentation and support system ATO and ATT efforts
Conduct security control assessments and provide recommendations for remediation
Perform biweekly audit log and vulnerability scan reviews and track POA&M items
Collaborate with system owners and technical teams to manage risk and respond to incident
Support Ongoing Authorization (OA) and continuous monitoring activities
Prepare and brief senior leadership on system security posture and compliance metric
Ensure alignment with DOJ cybersecurity policies and NIST SP 800-53, 800-37, and 800-137

What we offer

Generous cost sharing for medical insurance for the employee and dependents
100% company paid dental insurance for employees and dependents
100% company paid long-term and short term disability insurance
100% company paid vision insurance for employees and dependents
401k plan with generous match and 100% immediate vesting
Competitive Pay
Generous paid leave and holiday package
Tuition and training reimbursement
Life and AD&D Insurance

Fulltime

Junior Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...

Location

United States , Washington, DC

Salary:

Not provided

AnaVation

Expiration Date

Until further notice

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, or a related field
In lieu of a degree, a minimum of two (2) years of hands-on relevant experience is required
Minimum two (2) years of hands-on experience in Governance Risk and Compliance and the RMF process
Proficient with Federal policies, program standards, and NIST Special Publications guidelines to include but not limited to such as NIST SP 800-53, 800-37, 800-137
Experience supporting system security documentation, control assessments, and ATO or ATT packages for low to moderate-impact systems
Proficient on how to use various security tools, such as but not limited to: JCAM (or an equivalent GRC tool), Tenable, BigFix, and Splunk (or SIEM), and/or equivalent
Familiarity with tools such as JCAM and common security documentation templates
Exposure to POA&M tracking, audit support, and vulnerability scanning processes
Ability to draft and maintain basic cybersecurity documentation (e.g., SSP, CMP, IRP)
Detail-oriented with solid organizational and documentation skills

Job Responsibility

Support the development and maintenance of ATO/ATT documentation for low to moderate-impact systems
Assist with system security assessments and control evaluations under the Risk Management Framework (RMF)
Maintain security artifacts and documentation in JCAM
Conduct biweekly reviews of system logs and vulnerability scan results
Track and manage POA&Ms in coordination with senior ISSOs and system owners
Participate in continuous monitoring, training exercises, and contingency planning events
Ensure compliance with cybersecurity policies and NIST SP 800-53 control

What we offer

Generous cost sharing for medical insurance for the employee and dependents
100% company paid dental insurance for employees and dependents
100% company paid long-term and short term disability insurance
100% company paid vision insurance for employees and dependents
401k plan with generous match and 100% immediate vesting
Competitive Pay
Generous paid leave and holiday package
Tuition and training reimbursement
Life and AD&D Insurance

Fulltime

Senior Information Security & OT Officer

Senior Information Security & OT Officer role at METLEN Energy & Metals, focusin...

Location

Greece , Athens

Salary:

Not provided

Metlen Group

Expiration Date

Until further notice

Requirements

Bachelor’s degree in Information science, Information systems or a related scientific field
Master’s degree will be considered an asset
+5 years of experience in Information Security or Cybersecurity roles
Strong technical background in cybersecurity and OT security
Proven experience in managing information security in OT environments is a strong plus
Solid understanding of ISO 27001, ISA/IEC 62443, and NIS2 directives
Strong knowledge of risk management methodologies and compliance frameworks
Excellent collaboration and communication skills for multi-site and cross-border coordination

Job Responsibility

Respond to audit requirements for all international sites including factories, energy plants, and solar fields
Participate in cyber incident response processes related to international and local industrial installations
Guide technical leaders and support information security compliance in Greek and international operations
Propose cybersecurity architectures and solutions to safeguard operational technology (OT) infrastructure
Participate in management committees to inform senior leadership on cyber risks and compliance issues
Work closely with international IT business partners on cybersecurity topics across the global footprint

What we offer

Competitive remuneration package
Ticket Restaurant Card
Group Health Insurance Plan
Preferential household electricity plan
Pension Plan

Fulltime

Security Compliance Officer

As an IT compliance manager, you are part of the information security team. This...

Location

Netherlands , Diemen

Salary:

Not provided

Randstad

Expiration Date

February 28, 2026

Requirements

Bachelor's degree in Information Technology, Cybersecurity, or a related field
Certified Lead Auditor in ISO 27001:2013 or 2022 standard
At least 5 years of experience in conducting internal audits and implementing information security best practices
Strong understanding of information security principles, controls, and frameworks
Basic understanding and some experience in Third-Party Risk Management (TPRM) is preferred but not mandatory
Excellent communication and interpersonal skills, with the ability to collaborate effectively with diverse teams
Able to prepare concise reports for senior management, including C-level
Proficiency in relevant tools and technologies related to information security auditing
Good command of the English language
Excellent analytical skills

Job Responsibility

Improve Information security 2nd line of defense role at Randstad Global, in overseeing risk and monitoring of IT and IS related first-line-of-defense controls in our Operating Companies/markets
Conduct periodic internal compliance reviews / audits to assess and enhance the effectiveness of the information security management system of operating companies/markets , adhering to ISO 27001 standard
Ensure compliance with regulatory requirements and industry best practices
Perform gap analysis to evaluate the effectiveness and compliance of operational processes with our corporate security policies and guidelines
and provide recommendations to identify areas for improvement, with proposed remediation
Provide guidance to our colleagues located globally in becoming compliant with our control frameworks
Prepare comprehensive audit reports, highlighting findings and recommendations for improvement

Fulltime

Senior Information Systems Security Officer

2HB

Location:
United States , Annapolis Junction

Category:
IT - Administration

Contract Type:
Not provided

Salary:

Job Description:

Job Responsibility:

Requirements:

Additional Information:

Job Posted:
January 05, 2026

Looking for more opportunities? Search for other job offers that match your skills and interests.

Similar Jobs for Senior Information Systems Security Officer