March 16, 2026For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. The selected individual will lead all security engineering efforts for a large, complex network environment with geographically distributed systems; and will manage a team of Information Systems Security Officers (ISSOs) and Information Systems Security Engineers (ISSEs), providing technical leadership and direction to meet program requirements.
HII - Mission Technologies is currently seeking a SME Information System Security Manager (ISSM) to work out of Fairfax, VA in support of the DoD/DoW Advana War Data Platform designed to aggregate operational, intelligence, logistics, and sensor data from multiple domains, enable Joint All-Domain Command and Control (JADC2) by providing a common data fabric, and support AI/ML applications for predictive analytics, targeting, and mission planning. • 15 years relevant experience with Bachelors in related field; 13 years relevant experience with Masters in related field; 10 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 19 years relevant experience.
The employees supporting our customers deliver unique, high-value mission solutions while effectively leveraging the technological expertise of our valued workforce to meet critical mission requirements in the areas of Data Analytics and Software Development, Engineering, Targeting and Analysis, Operations, Training, and Cyber Operations. As an Information Security Analyst performing as an Information Systems Security Officer (ISSO), a typical day will include the following duties: - Performs audit log analysis, report generation and brief findings to Senior Management.
The entire section leverages agile and works to provide enhanced reporting and global searching capabilities to facilitate task management, cross-utilization, and address national intelligence priorities while protecting confidential data and sources. As appropriate, each employee is responsible for completing all training requirements and fulfilling all self-aid/buddy aid responsibilities, participating in emergency response tasks and serving on safety committees and teams.
p>Minimum Requirements (Knowledge, Skills, and Abilities): - Minimum of 7 years of experience collectively with the following:
- Proven work experience as an Information Systems Security Officer or a similar role, preferably in a complex organizational setting. The entire section leverages agile and works to provide enhanced reporting and global searching capabilities to facilitate task management, cross-utilization, and address national intelligence priorities while protecting confidential data and sources.
Arlington, VA30+ days ago
This position ensures information systems security compliance and manages security controls for DoD cloud migration projects while coordinating security accreditation activities and maintaining ongoing security posture. INFORMATION SYSTMES SECURITY OFFICER - CLOUD SECURITY SPECIALIST (NAUT): Bowhead seeks an Information Systems Security Officer (ISSO Cloud) to support our customer on the Nautical contract in the Arlington, VA area.
Perform and support risk assessments, threat and vulnerability management, audits, and incident response activities, serving as a domain expert in coordination with the Computer Security Incident Response Team (CSIRT). What you will be doing: Acting as the primary information security partner to assigned business lines and operating companies, providing risk insights and practical mitigation guidance to strengthen the enterprise cybersecurity posture.
Arlington, VA30+ days ago
Minimum of 16+ years of information security experience with demonstrated expertise in cloud security• Minimum of 5+ years of DoD security experience in enterprise environments• Minimum of 3+ years of hands-on experience with cloud security frameworks and implementations• Complete understanding and experience implementing requirements of the NISPOM and ICDs• Knowledge of cloud security principles and FedRAMP requirements• Meets the Core and Additional Knowledge, Skills, and Abilities Tasks (KSATs) defined in the DoD Cyber Workforce Framework• Demonstrated ability to develop solutions to complex security problems• Proven ability to work in fast-paced, deadline-driven environments• Excellent verbal and written communication skills for technical and executive audiences• Recent experience with security management policies and procedures• Proficiency with Microsoft Office Suite and security management tools. CERTIFICATION REQUIREMENTS:
Required: CISSP, CISM, or equivalent DoD Directive 8570 compliant certification; CompTIA Security+Desired: GCIH, GSEC, CISSP, CISA, FITSP-M, GCSA, GISF, SSCP, CEH, or other advanced security certifications.
li>Translating "Geek to Greek": The unique ability to explain a highly complex technical vulnerability to a non-technical Board member or leadership team using simple, non-alarmist analogies. Hands-on & Strategic Balance: Proven track record of operating at a high strategic level with the ability to "roll up your sleeves" to troubleshoot complex architectural issues, infrastructure outages, or urgent security incidents alongside engineers.
Gaithersburg, MD11 days ago
li>Demonstrated ability to apply LLMs and agentic automation to improve cybersecurity and business outcomes, translating use cases into measurable gains (for example faster risk triage, better control evidence, improved detection and response) while protecting sensitive data.
Deep experience implementing and operationalizing controls defined by NIST CSF, ISO 27001/27002, CIS Controls, and related cybersecurity control frameworks, and demonstrating measurable maturity improvement at enterprise scale.
The role also supports the ability to maintain assurance in our technical security controls, especially on the Cloud, so that risks to the confidentiality, integrity, and availability of the bank's information systems and infrastructure are sufficiently mitigated which in turn, supports the bank's operational and compliance goals. City First Bank N.A. is a mission-driven Community Development Financial Institution (CDFI) principally focused on a transformative impact in underserved, urban markets with the highest needs to drive equitable economic development.
Washington, DC30+ days ago
The selected incumbent will be responsible for ensuring the confidentiality, integrity, and availability of enclave systems, networks, and data, including Controlled Unclassified Information (CUI), in accordance with federal cybersecurity requirements and institutional policies. We are searching for a Senior Information Security Officer (SISO) who will provide leadership and oversight for cybersecurity operations within a designated secure enclave supporting federally sponsored research.
This includes following Ntiva's IT User and Security Policies that include but are not limited to password-protecting all equipment, keeping confidential and proprietary documents secure, refraining from using public Wi-Fi, having adequate arrangements in place to avoid significant interruptions from caregiving responsibilities during work hours (except in emergency situations with manager approval). Provide direct support to Sales and Account Management teams during CMMC and broader compliance discussions with prospective and existing clients, including but not limited to client calls, strategy sessions, and proposal development.
Critical deliverables include preparing Security Test Plans 90 days prior to testing and Security Test Reports within 15 days after testing, generating POA&Ms within 0 to 15 days after vulnerability identification, and updating System Security Plans, Configuration Management Plans, and Contingency Plans annually or when changes occur. This position requires following the Information Systems Security Officer (ISSO) Guide when developing, updating, or reviewing required security artifacts and tracking and suggesting technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
The Senior ISSO will ensure proper access controls are implemented for both system access and physical access to data processing facilities, track and suggest technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access, and research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and network and device security and encryption. Critical deliverables include preparing Security Test Plans 90 days prior to testing and Security Test Reports within 15 days after testing, generating Risk Assessment Reports within 0 to 15 days after analysis completion, and producing Weekly Activity Reports and Monthly Program Reports to track progress and compliance.
The incumbent directs cybersecurity operations, security monitoring, threat assessment, incident response, cyber continuity planning, and resiliency initiatives across on-premises, cloud, and externally hosted environments supporting County applications, infrastructure, communications, endpoints, and data systems. OIT will provide leadership, expertise, and resources in the ideation, development, and deployment of innovative technologies and streamlined processes to improve government efficiency, business interaction, and citizen access to government information and services.
Washington, DC30+ days ago
Contribute to the ongoing information security initiatives and improvements, development, implementation, and maintenance of information security for FLUOps Serves as an Information Security subject matter expert and participates in the development, implementation, and maintenance of information security for FLUOps Provides guidance and advocacy regarding the prioritization of investments that impact information security Advises management on risk issues related to information security and recommends actions in support of the banks wider risk management and compliance programs Monitors information security trends, internal and external to the bank, and keeps leadership informed Manages quality control and reporting Ensures compliance with policies and laws. Drives GISFLUOps risk deliverables Collaborates with risk partners on info security critical priorities Participates in senior FLUOps specific Risk Management & Business Continuity Routines Identifies and measures global information security GIS controls on most critical business processes or channels.
Washington, District of Columbia11 days ago
li>Provide leadership supporting a team to streamline and maintain a modern compliance model for cybersecurity safeguards, including access controls, MFA, encryption, asset classification, change management, patch management, network segmentation, firewalls, detection technologies including network and endpoint security, insider threat protection, logging and network monitoring, and vulnerability management.
Proactively identify, assess, and prioritize IT risks to data and systems in coordination with OT portfolio management and OERM including internal/external threats, cyber-crimes, and vendor/third-party risks; partner with OERM or relevant stakeholders on the appropriate courses of action to mitigate or eliminate risk.
Mt. Weather, VA30+ days ago
Responsibilities: The Intermediate Information System Security Officer (ISSO) shall provide support to the designated Information System Security Officer (ISSO) to ensure customer systems maintain their Authority to Operate (ATO) with a security posture in accordance with DHS 4300A and NIST SP guidance. Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.
We recommend that your resume includes examples that are clear, concise, and emphasize their level of responsibilities, the scope and complexity of the programs, activities, or services managed; program accomplishments; policy initiatives undertaken; level of contacts; the sensitivity and criticality of the issues addressed; and the results of actions taken. If you are currently serving under a career Senior Executive Service appointment, are eligible for reinstatement into the Senior Executive Service, or have completed a Senior Executive Service Candidate Development Program (SES CDP) approved by OPM, you only need to submit a two-page resume and personnel action showing you have held a career SES position.
Washington, Washington, DC7 days ago
li>Review, update, and deliver enterprise privacy training programs, including privacy awareness, advanced privacy training, records management, data collection practices, and role-based training models tailored to Legislative Branch versus DoD applicability. The successful candidate will ensure information systems meet security requirements and will lead and support ongoing privacy-related activities, including the development, implementation, maintenance, and enforcement of federal and organizational policies and procedures governing the protection of Personally Identifiable Information (PII) and other sensitive data.
Washington Dc, District of Columbia18 days ago
Critical deliverables include preparing Security Test Plans 90 days prior to testing and Security Test Reports within 15 days after testing, generating POA&Ms within 0 to 15 days after vulnerability identification, and updating System Security Plans, Configuration Management Plans, and Contingency Plans annually or when changes occur. This position requires following the Information Systems Security Officer (ISSO) Guide when developing, updating, or reviewing required security artifacts and tracking and suggesting technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
Washington Dc, District of Columbia18 days ago
The Senior ISSO will ensure proper access controls are implemented for both system access and physical access to data processing facilities, track and suggest technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access, and research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and network and device security and encryption. Critical deliverables include preparing Security Test Plans 90 days prior to testing and Security Test Reports within 15 days after testing, generating Risk Assessment Reports within 0 to 15 days after analysis completion, and producing Weekly Activity Reports and Monthly Program Reports to track progress and compliance.
ITSO manages the judiciarys IT security program; promotes the confidentiality, integrity, and availability of the judiciarys IT; oversees the judiciarys security operations; proposes national IT security policies; and establishes collaborative relationships with third-party partners to ensure the judiciarys IT security. Court Name/Organization Administrative Office of the U.S. Courts Overview of the Position The Deputy Chief Information Security Officer position is in the Department of the Chief Information Office (DCIO), Information Technology Security Office (ITSO).
p>Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. We are seeking an experienced Information System Security Officer (ISSO) to help protect, maintain, and strengthen the security posture of complex systems that support high‑priority intelligence programs.
Washington, DC18 days ago
The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. (SSS) assists the AF cognizant security authority in oversight of enhanced National Security Objectives supporting AF SAP interests through active and integrated security operations, processes, mechanisms, and management.
Washington, DC18 days ago
p>The Air Force (AF) Special Access Program (SAP) Security Support Services (SSS) assists the AF cognizant security authority in oversight of enhanced National Security Objectives supporting AF SAP interests through active and integrated security operations, processes, mechanisms, and management. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts.
HII - Mission Technologies is currently seeking a Senior Information System Security Officer (ISSO) to work out of Fairfax, VA in support of the DoD/DoW Advana War Data Platform designed to aggregate operational, intelligence, logistics, and sensor data from multiple domains, enable Joint All-Domain Command and Control (JADC2) by providing a common data fabric, and support AI/ML applications for predictive analytics, targeting, and mission planning. Requirements: • 10 years relevant experience with Bachelors in related field; 7 years relevant experience with Masters in related field; 4 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 13 years relevant experience.
p>Minimum Qualifications: - Bachelors degree in Computer Science, Cybersecurity, or other cyber discipline and 5 years' experience performing duties of an Information Systems Security Officer (ISSO) at a cleared facility or 10+ years of experience with High School diploma.
- Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP), Certified Information System Manager (CISM), or Information Assurance Management (IAM) Level II proficiency.
In the wake of 9/11, Zel Technologies rapidly expanded its capabilities to provide turnkey ISR support services to US Special Operations Forces (SOF), as well as advanced technical & operational intelligence, physical & data science, and engineering support services to the greater Intelligence and SOF Communities supporting global counterterrorism and CWMD operations. Originally focused on leveraging operational and software expertise to improve time-critical targeting capabilities for the military, the company advanced its capabilities to provide scientific and HUMINT expertise for CBRNE collection and analysis.
li style="font-family:'helvetica' , 'arial' , sans-serif">Develop, review, and maintain accreditation artifacts including System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessments, and POA&Ms. - Bachelor's Degree, or more advanced degree, in Information Technology, Computer Science, Cybersecurity, Computer Engineering, or Information Systems or related field .
Washington, DC23 days ago
Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. This role is responsible for maintaining security documentation, supporting authorization activities, conducting risk and vulnerability assessments, managing access controls, monitoring security events, and responding to incidents within a classified environment.
Herndon, Virginia30+ days ago
p style="margin:0px">Peraton offers enhanced benefits to employees working on this critical National Security program, which include heavily subsidized employee benefits coverage for you and your dependents, 25 days of PTO accrued annually up to a generous PTO cap and eligible to participate in an attractive bonus plan. The ideal candidate will be confident writing Security Test Procedures (STPs), building Security Controls Traceability Matrices (SCTMs), interpreting ACAS/Nessus scan results, and using Splunk to verify control effectiveness.
Chantilly, VA30+ days ago
p>Responsibilities include but are not limited to: - Ensure the day-to-day implementation oversight, continuous monitoring, and maintenance of the security configuration practices and procedures for each IS, and that selected security controls are implemented and operating as intended during all phases of the IS lifecycle.
Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP WebInspect, Network Mapper (NMAP), and/or similar applications.
p>Exiger is named a Leader in the Gartner Magic Quadrant for Supplier Risk Management, twice selected as one of Fast Company's 'Brands That Matter,' and recipient of the Third Party Risk Association's Innovator Award, Exiger's technology has been recognized by leading analyst evaluations and 50+ awards. Our AI platform, 1Exiger, delivers instant visibility into complex supplier ecosystems, leveraging proprietary data and advanced AI to surface risk, automate compliance, and unlock efficiencies and cost savings to strengthen long-term resilience.
Annapolis Junction, Maryland20 days ago
Overview: 
Senior Information System Security Officer. You’ll shape and maintain the security posture of diverse platforms, guiding secure development practices, assessing risks, monitoring vulnerabilities, and driving remediation strategies that protect sensitive data and critical workflows.
There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, education and certifications as well as contract provisions regarding labor categories that are specific to the position and could fall outside of this range. National Resilience – supporting agencies such as Federal Deposit Insurance Corporation (FDIC), Treasury, Health & Human Services (HHS), National Institutes of Health (NIH), National Oceanic and Atmospheric Administration (NOAA) and the United States Department of Agriculture (USDA).
p>The Lead ISSO reports to the Security Program Management Office (SPMO) Manager and is responsible for leading a small team supporting system security, authorization, continuous monitoring, and risk management functions across assigned systems. By providing the information below and checking the boxes referenced, you acknowledge and consent to SAIC''s Privacy Policy to include access and use of your information for the purposes of sharing your information for possible employment recruitment effects by SAIC and it''s third party vendors.
Washington, DC21 days ago
div class="ui-form-item ui-form-item-horizontal">
Washington, DC21 days ago
div class="ui-form-item ui-form-item-horizontal">
div class="ui-form-item ui-form-item-horizontal">
Washington, DC13 days ago
div class="ui-form-item ui-form-item-horizontal">
This role requires experience supporting Risk Management Framework (RMF) activities, implementing security controls, monitoring system security posture, and ensuring information systems remain compliant with federal cybersecurity requirements while supporting mission objectives. The selected candidate will act as a trusted advisor to System Owners (SOs), Business Process Owners, Information System Security Managers (ISSMs), and cybersecurity leadership on matters related to information system security, risk management, and regulatory compliance.
This individual will serve as a senior cybersecurity and cloud security resource responsible for supporting the security posture, compliance activities, and operational security requirements for enterprise cloud environments and associated information systems. The SMX salary determination process takes into account a number of factors, including but not limited to, geographic location, Federal Government contract labor categories, relevant prior work experience, specific skills, education and certifications.
This role requires extensive experience implementing and maintaining security controls, supporting Risk Management Framework (RMF) activities, leading authorization efforts, and providing technical guidance across multiple systems and projects. The selected candidate will function as the principal advisor to System Owners (SOs), Business Process Owners, Information System Security Managers (ISSMs), and cybersecurity leadership on all matters involving information system security.
p>The ideal candidate has experience administering and securing SAP information systems, working with government security stakeholders, and implementing cybersecurity controls in accordance with NIST, JSIG, and DoD policies. Job Description:
We are seeking a mid-level Information System Security Officer (ISSO) to support and manage classified and/or sensitive information systems operating under the Department of Defense (DoD) Special Access Program (SAP) environment.
Washington, DC14 days ago
p>OneZero Solutions is on contract to provide division-wide support for Federal Information Security Modernization Act (FISMA) compliance, execution of the Risk Management Framework (RMF) process to achieve and maintain Authority to Operate (ATO) security authorizations, and deliver cyber security compliance for DHS operational mission systems. Additional details can be found on our website at: https://www.onezerollc.com/careers/.
Fort Meade, MD30+ days ago
ul>Perform certification assessments for assigned programs to include review of change requests; review of ports, protocols, and services; whitelist requests; self-assessments results; statements of compliance; scan and STIG reviews; systems security plans; cybersecurity control evidence and artifacts; and on-site review results. Semper Valens Solutions, Inc. (SVS) is a Service-Disabled Veteran Owned Small Business (SDVOSB) providing Cost Effective Software and Systems Engineering, Field Support, Training and Full Life cycle Support Management to the DOD and VA community.