Security Control Assessor Team Lead

steampunk

Posted today
Public Trust
$125,000 - $175,000
Unspecified
Security
McLean, VA (On-Site/Office)

Overview

Steampunk wants you to be a Security Control Assessor Information System Security Officer (SCA ISSO) Lead on our team to support a government customer. The primary responsibilities for the position are to prepare for all security assessment activities that ensure risk within the system is maintained at an acceptable level. The nature of the work requires that the candidate demonstrate initiative, organization, responsibility, customer service skills, and the ability to be flexible and adaptive in a fast-paced, fluid business environment. The candidate must be able to communicate effectively and decisively with all levels of the organization, solve practical problems, and exercise sound judgement with regard to sensitive and confidential information.

Contributions

As a lead on one of our ISSO teams, you will play an important role in leading a wide array of cybersecurity duties including:
  • Lead a team of ISSOs, ensuring consistent, high-quality execution of assessment tasks in accordance with NIST SP 800-53, NIST RMF (SP 800-37), FedRAMP, and agency-specific guidance.
  • Review security assessment plans (SAP), test procedures, Security Assessment Reports (SARs), and methodologies aligned with organizational and regulatory requirements.
  • Oversee the completion of assessment preparedness for new, updated, or reauthorized systems, adjusting scope and resources as necessary.
  • Ensure documentation and deliverables (SSP, SOPs, FIPS-199, system artifacts) meet audit, regulatory, and internal standards.
  • Conduct quality reviews of assessment activities, potential findings, and documentation to preserve impartiality, traceability, and regulatory compliance.
  • Attend interview meetings, identify compliance and non-compliance trends, update internal operating procedures, and provide support to team members.
  • Drive organizational adoption of best practices, lessons learned, and continuous improvement in risk assessment processes.


Qualifications

  • Master's degree and 6 years of cyber & FISMA experience; OR
  • Bachelor's degree and 8 years of cyber & FISMA experience; OR
  • No degree and 12 years of experience, 10 of which must be cyber & FISMA
  • One of the following certifications:
    • Certified Information Systems Security Professional (CISSP)
    • CompTIA Advanced Security Practitioner (CASP)
    • Certified Information Systems Auditor (CISA)
    • Certified Information Security Manager (CISM)
  • Experience leading security assessment projects or cybersecurity teams, managing workflow and escalated issues.
  • Ability to assign, review, and approve work of assessors, ensuring quality and compliance.
  • Knowledge and experience with three or more: DHS Directive 4300A and NIST Special Pubs 800-30, 800-37, 800-39, 800-53, 800-60.
  • Good understanding of NIST SP 800-53 controls, FIPS publications 199 and 200, and cybersecurity compliance standards.
  • Expertise in developing assessment methodologies, managing timelines and deliverables, and reviewing documentation.
  • Strong organizational and project management abilities for overseeing large-scale or complex security programs.
  • Strong familiarity with documentation such as Security Assessment Plans (SAPs), Security Plans (SSPs), and Security Assessment Reports (SARs).
  • Sound understanding of security controls, compliance requirements, risk analysis, and remediation strategies.
  • Ability to coach and mentor team members.


Preferred Qualifications:
  • Demonstrated ability to lead and prepare for security control assessments, RMF implementations, and mentor team members.
  • Strong writing, communication, and presentation skills for leadership briefings, technical documentation, and assessment findings.
  • Strong stakeholder engagement, including direct support to System Owners and federal leadership.
  • Strong attention to detail in reviewing and preparing federal security documentation.
  • Experience managing complex or escalated assessment issues and serving as a technical expert or project lead.


Preferred Skills:

Expert ability in the following:
  • Peer-review assessment documentation and articulate discrepancies or concerns in security artifacts.
  • Risk analysis and management skills for identifying threats, documenting risk levels, and recommending corrective actions.


About steampunk

Steampunk relies on several factors to determine salary, including but not limited to geographic location, contractual requirements, education, knowledge, skills, competencies, and experience. The projected compensation range for this position is $125,000 to $175,000. The estimate displayed represents a typical annual salary range for this position. Annual salary is just one aspect of Steampunk's total compensation package for employees. Learn more about additional Steampunk benefits here.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee-owned company, we focus on investing in our employees to enable them to do the greatest work of their careers, and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.