Job Requirements
Remote Washington, DC
Top Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
$120,000 - $130,000
Job Description
Information Systems Security Officer (ISSO)
PKH Enterprises is seeking a capable and motivated Information Systems Security Officer (ISSO) to support a federal client. The ideal candidate brings strong communication skills, attention to detail, and the ability to follow established processes while managing multiple security tasks. Candidates should be comfortable working in a dynamic environment and demonstrate a commitment to continuous learning — including a strong interest in developing skills in digital forensics.
Responsibilities
The candidate shall:
• Serve as an advisor on matters involving security for designated information system(s).
• Develop, update, and maintain comprehensive system security authorization documentation.
• Support privacy requirements and documentation for privacy-intensive systems.
• Assist the Assessor with Ongoing Authorization (OA) and Security Control Assessment (SCA) activities according to established schedules.
• Manage system Plan of Action and Milestones (POA&Ms) in accordance with client policy.
• Provide Change Management support for assigned systems.
• Manage PKI certificates for assigned FISMA systems, ensuring timely renewals and revocations.
• Support the System Owner in day-to-day security compliance activities.
• Ensure management, operational, and technical controls are implemented and maintained throughout the system lifecycle, from requirements definition through decommissioning.
• Complete required Security Authorization (SA) documentation and support SA activities in accordance with NIST SP 800-37.
• Report IT security events and incidents in accordance with policy.
• Support one or multiple systems depending on size and complexity.
• Provide IT security and compliance support including SA artifact maintenance, Continuous Monitoring submissions, POA&M updates, vulnerability management coordination, and review of DHS or agency requirements.
• Ensure security controls are implemented and assessed in accordance with NIST SP 800-53 and SP 800-53A.
• Attend required ISSO security training and implement recommended updates.
• Review and analyze vulnerability scan results from tools such as Nessus, AppDetective, WebInspect, AppScan, and Nipper.
• Assist with internal and external audits, inquiries, and data calls.
• Support privileged account audits.
• Contribute to accurate OA assessments and documentation (e.g., trackers, TRALs, OA entry packages).
• Ensure timely submission of monthly Continuous Monitoring scan data.
• Support completion of privacy documentation including PTAs, PIAs, and e-Authentication artifacts.
• Support SSI Threshold Analysis documentation as required.
• Execute responsibilities in accordance with Security Authorization and Ongoing Authorization SOPs.
Desired Qualifications
• Active security clearance; Top Secret preferred.
• Relevant cybersecurity certifications (e.g., Security+, Network+, CAP, CISSP, CIPT, ITIL, PMP).
• Strong written communication and documentation skills.
• Experience with or interest in privacy-intensive systems.
• Demonstrated interest in learning digital forensics, including evidence handling, chain of custody, and forensic tools.
• Ability to work independently within established processes and collaborate effectively with system stakeholders.
• Strong analytical skills and willingness to expand technical and compliance expertise.