Job Requirements
Washington, DC
Public Trust Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries
Job Description
Koniag Data Solutions, LLC, a Koniag Government Services company, is seeking an ISSO Analyst to support KDS and our government customer in Washington, DC. This position requires the candidate to be able to obtain a Public Trust.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Koniag Data Solutions, a Koniag Government Services company, is seeking a detail-oriented and motivated Information System Security Officer (ISSO) Analyst to support information security and compliance activities in support of the U.S. Small Business Administration (SBA). The ideal candidate is an entry to mid-level security professional with a foundational understanding of federal information security frameworks, security authorization processes, and risk management principles. This individual will play an important supporting role in ensuring SBA's information systems maintain appropriate security postures, meet federal compliance requirements, and operate under valid Authorizations to Operate (ATOs), working under the guidance of senior ISSO staff and SBA security leadership in a dynamic and mission-driven environment.
The ISSO Analyst will support the security authorization and continuous monitoring activities for SBA information systems, assisting senior ISSO staff and SBA security leadership in ensuring systems are properly documented, assessed, and maintained in compliance with applicable federal security requirements.
Principal responsibilities will include but are not limited to:
Education and Experience:
Required:
Desired:
Required Skills and Competencies:
Desired Skills and Competencies:
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment. The company is dedicated to seeking all qualified applicants.
If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Koniag Data Solutions, a Koniag Government Services company, is seeking a detail-oriented and motivated Information System Security Officer (ISSO) Analyst to support information security and compliance activities in support of the U.S. Small Business Administration (SBA). The ideal candidate is an entry to mid-level security professional with a foundational understanding of federal information security frameworks, security authorization processes, and risk management principles. This individual will play an important supporting role in ensuring SBA's information systems maintain appropriate security postures, meet federal compliance requirements, and operate under valid Authorizations to Operate (ATOs), working under the guidance of senior ISSO staff and SBA security leadership in a dynamic and mission-driven environment.
The ISSO Analyst will support the security authorization and continuous monitoring activities for SBA information systems, assisting senior ISSO staff and SBA security leadership in ensuring systems are properly documented, assessed, and maintained in compliance with applicable federal security requirements.
Principal responsibilities will include but are not limited to:
- Assist senior ISSOs in supporting the day-to-day security posture, compliance status, and security documentation of assigned SBA information systems throughout their lifecycle.
- Support the development, organization, and maintenance of security authorization packages for assigned SBA systems including System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), and other required ATO documentation under the direction of senior ISSO staff.
- Assist in supporting security control assessments and evaluations for assigned SBA information systems in accordance with NIST SP 800-53, NIST SP 800-53A, and SBA-specific security requirements and policies.
- Support the collection, organization, and review of security control evidence and artifacts to assist in evaluating the implementation and effectiveness of security controls across assigned systems.
- Assist in tracking and monitoring the status of security control deficiencies and POA&M items for assigned systems, supporting coordination with system owners and technical teams under senior ISSO guidance to help ensure timely remediation of identified weaknesses.
- Support continuous monitoring activities for assigned SBA systems, assisting in the collection, organization, and basic review of security assessment results, vulnerability scan findings, and other monitoring data under the direction of senior staff.
- Assist in coordinating with system owners, program managers, and technical teams to help ensure security requirements are properly considered and communicated in relation to system design, development, operations, and maintenance activities.
- Support the review and documentation of proposed changes to assigned SBA systems through the change management process, assisting in identifying potential security impacts under the direction of senior ISSO staff.
- Assist in the preparation, organization, and quality review of security authorization artifacts and documentation for submission to the SBA Authorizing Official (AO) and other relevant stakeholders in support of ATO decisions.
- Support the development and maintenance of security policies, procedures, and guidelines relevant to assigned systems under the direction of senior ISSO staff and SBA security leadership.
- Assist in preparing for and supporting security assessments, audits, and reviews conducted by internal and external assessors, providing documentation support, evidence collection assistance, and administrative coordination as needed.
- Support coordination with the SBA privacy team to help ensure privacy requirements are properly reflected within assigned system security documentation and control implementations.
- Assist in developing and maintaining security documentation tracking tools, spreadsheets, and reporting artifacts to support the management and oversight of ISSO activities across assigned systems.
- Participate in team meetings, training sessions, and knowledge-sharing activities to develop and maintain current knowledge of federal security requirements, NIST guidance, and SBA-specific security policies applicable to assigned systems.
- Stay current on federal cybersecurity requirements, NIST guidance updates, and SBA-specific security policy changes, applying this knowledge to support the accuracy and currency of assigned system security documentation under senior guidance.
Education and Experience:
Required:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field from an accredited college or university, OR equivalent combination of education and relevant work experience.
- 0-2 years of experience in information security, IT, or a related field, with some exposure to or basic familiarity with information security concepts, federal security frameworks, or security authorization processes.
- Foundational familiarity with federal information security concepts and frameworks including NIST SP 800-53 and the NIST Risk Management Framework (RMF) at a conceptual level.
- CompTIA Security+ certification or active pursuit of same, OR equivalent entry-level cybersecurity certification.
Desired:
- Associate's or Bachelor's degree in Cybersecurity, Information Technology, or a related field.
- Prior internship, academic project experience, or coursework related to federal information security, ISSO duties, or security authorization processes.
- CompTIA Security+ or equivalent entry-level cybersecurity certification already obtained.
Required Skills and Competencies:
- Foundational knowledge of federal information security frameworks, regulations, and standards including NIST SP 800-53, NIST SP 800-37, and FISMA at a conceptual level, with a demonstrated willingness and ability to develop deeper expertise over time.
- Basic understanding of the NIST Risk Management Framework (RMF) and its application to federal information system security authorization processes.
- Basic familiarity with federal security authorization documentation including SSPs, POA&Ms, SARs, and other ATO artifacts, with the ability to assist in their development, organization, and maintenance under senior guidance.
- Foundational understanding of security control concepts and the role of security control assessments in evaluating the security posture of federal information systems.
- Basic understanding of risk management principles and their relevance to information security and federal compliance requirements.
- Strong attention to detail with the ability to accurately collect, organize, and review security documentation and evidence artifacts in support of ISSO activities.
- Effective written and oral communication skills in English, with the ability to clearly document security information, assist in developing security artifacts, and communicate effectively with both technical and non-technical stakeholders.
- Strong organizational and time management skills with the ability to track multiple tasks and documentation items simultaneously while meeting deadlines and maintaining accuracy and quality.
- Ability to work effectively in a team environment under the guidance of senior ISSO staff and security leadership, demonstrating a positive attitude, eagerness to learn, and commitment to professional growth.
- Basic computer proficiency including familiarity with Microsoft Office Suite tools such as Word, Excel, and PowerPoint for documentation development and data tracking purposes.
- Ability to obtain and maintain a Public Trust clearance as required by the SBA.
Desired Skills and Competencies:
- Prior experience or academic exposure to ISSO duties, security control assessments, or security authorization activities, preferably in a federal government environment or in support of the SBA or a similar federal civilian agency.
- Basic familiarity with continuous monitoring concepts and the role of vulnerability scanning and security assessments in maintaining the ongoing security posture of federal information systems.
- Foundational familiarity with FedRAMP authorization processes and the security requirements applicable to cloud-based systems.
- Basic familiarity with cloud computing concepts and an awareness of cloud platforms such as AWS, Microsoft Azure, or Google Cloud Platform and their relevance to federal information system security.
- Familiarity with privacy requirements and their relationship to system security documentation, including basic awareness of PIAs and SORNs and their role in the federal security authorization process.
- Basic familiarity with Governance, Risk, and Compliance (GRC) tools such as Archer, ServiceNow GRC, CSAM, or similar platforms used to manage security authorization documentation and POA&M tracking.
- CompTIA Security+, CompTIA CySA+, or equivalent entry-level cybersecurity certification.
- Certified Authorization Professional (CAP) / Certified in Governance, Risk and Compliance (CGRC) certification or active pursuit of same.
- Strong desire and demonstrated ability to learn new technologies, frameworks, and security concepts in support of professional growth within the federal information security and ISSO field.
- Familiarity with basic data management and tracking tools including Microsoft Excel or similar applications for organizing and monitoring security documentation and compliance data across multiple assigned systems.
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment. The company is dedicated to seeking all qualified applicants.
If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
group id: 10201473