Information Systems Security Officer

PKH Enterprises

Washington, DC, USA

Published: 6/14/2022

Technology

Full Time

Job Description

Information Systems Security Officer (ISSO)

PKH Enterprises is seeking a capable and motivated Information Systems Security Officer (ISSO) to support a federal client. The ideal candidate brings strong communication skills, attention to detail, and the ability to follow established processes while managing multiple security tasks. Candidates should be comfortable working in a dynamic environment and demonstrate a commitment to continuous learning — including a strong interest in developing skills in digital forensics.

Responsibilities

The candidate shall:

Serve as an advisor on matters involving security for designated information system(s).
Develop, update, and maintain comprehensive system security authorization documentation.
Support privacy requirements and documentation for privacy‐intensive systems.
Assist the Assessor with Ongoing Authorization (OA) and Security Control Assessment (SCA) activities according to established schedules.
Manage system Plan of Action and Milestones (POA&Ms) in accordance with client policy.
Provide Change Management support for assigned systems.
Manage PKI certificates for assigned FISMA systems, ensuring timely renewals and revocations.
Support the System Owner in day‐to‐day security compliance activities.
Ensure management, operational, and technical controls are implemented and maintained throughout the system lifecycle, from requirements definition through decommissioning.
Complete required Security Authorization (SA) documentation and support SA activities in accordance with NIST SP 800‐37.
Report IT security events and incidents in accordance with policy.
Support one or multiple systems depending on size and complexity.
Provide IT security and compliance support including SA artifact maintenance, Continuous Monitoring submissions, POA&M updates, vulnerability management coordination, and review of DHS or agency requirements.
Ensure security controls are implemented and assessed in accordance with NIST SP 800‐53 and SP 800‐53A.
Attend required ISSO security training and implement recommended updates.
Review and analyze vulnerability scan results from tools such as Nessus, AppDetective, WebInspect, AppScan, and Nipper.
Assist with internal and external audits, inquiries, and data calls.
Support privileged account audits.
Contribute to accurate OA assessments and documentation (e.g., trackers, TRALs, OA entry packages).
Ensure timely submission of monthly Continuous Monitoring scan data.
Support completion of privacy documentation including PTAs, PIAs, and e‐Authentication artifacts.
Support SSI Threshold Analysis documentation as required.
Execute responsibilities in accordance with Security Authorization and Ongoing Authorization SOPs.

Desired Qualifications

Active security clearance; Top Secret preferred.
Relevant cybersecurity certifications (e.g., Security+, Network+, CAP, CISSP, CIPT, ITIL, PMP).
Strong written communication and documentation skills.
Experience with or interest in privacy‐intensive systems.
Demonstrated interest in learning digital forensics, including evidence handling, chain of custody, and forensic tools.
Ability to work independently within established processes and collaborate effectively with system stakeholders.
Strong analytical skills and willingness to expand technical and compliance expertise.

Company DescriptionPKH Enterprises (PKH) is a small, woman-owned professional services firm dedicated to helping clients address challenging policy and technology issues. The PKH team is comprised of professionals with varied backgrounds combining legal, policy and technical expertise and offers the services and experience of business process engineers, senior subject matter experts and certified project managers. Our diverse capabilities help our clients improve performance and achieve innovative solutions to their most complex business problems. Our clients turn to us as partners and trusted advisors, and depend on our ability to anticipate, recognize and address their specific needs. PKH has a reputation for excellence and remains dedicated to generating successful results for tasks at all levels of project execution.

To all recruitment agencies: PKH Enterprises does not accept unsolicited agency resumes/CVs. PKH Enterprises is not responsible for any fees related to unsolicited resumes/CVs.

PKH Enterprises is an Equal Opportunity Employer.

Company Description

PKH Enterprises (PKH) is a small, woman-owned professional services firm dedicated to helping clients address challenging policy and technology issues. The PKH team is comprised of professionals with varied backgrounds combining legal, policy and technical expertise and offers the services and experience of business process engineers, senior subject matter experts and certified project managers. Our diverse capabilities help our clients improve performance and achieve innovative solutions to their most complex business problems. Our clients turn to us as partners and trusted advisors, and depend on our ability to anticipate, recognize and address their specific needs. PKH has a reputation for excellence and remains dedicated to generating successful results for tasks at all levels of project execution. \r\n\r\nTo all recruitment agencies: PKH Enterprises does not accept unsolicited agency resumes/CVs. PKH Enterprises is not responsible for any fees related to unsolicited resumes/CVs.\r\n\r\nPKH Enterprises is an Equal Opportunity Employer.