OverviewExcella is seeking an Information Systems Security Officer (ISSO) to support a federal government customer. In this role, you will lead efforts to gather and organize technical information about the program's security posture and collaborate across teams to support ongoing security authorization activities.
This position requires someone who can communicate effectively at all levels of the organization, exercise sound judgment with sensitive information, and proactively manage security documentation and compliance activities in a dynamic federal environment. The ability to hold and maintain a DHS Public Trust is required.
Responsibilities
- Lead efforts to gather and organize technical information about the program's security posture and collaborate across teams to support ongoing security authorization.
- Proactively create, monitor, and update the status of POA&Ms to ensure weaknesses are resolved in accordance with their scheduled completion dates.
- Create Waivers or Risk Acceptance Memos to support effective management of system risks.
- Conduct annual assessments in accordance with DHS Information Security Performance Plan guidance.
- Review and update security authorization documents as needed, at minimum annually.
- Coordinate with Privacy, Records, and Information Governance Divisions on compliance documentation and requirements.
- Conduct Contingency Plan tests at least annually and update the plan accordingly.
- Perform system self-assessments as part of the customer's Ongoing Authorization program.
- Monitor and respond to Information Security Vulnerability Management (ISVM) and Patch Management requirements.
- Provide audit support (Financial, A-123, FISMA, internal, DHS, etc.) through all phases - Pre, During, and Post Audit.
- Maintain current knowledge of inventory within the accreditation boundary.
- Proactively ensure security requirements are incorporated into the development cycle (Waterfall, Agile, DevSecOps).
- Ensure configuration management processes are followed to prevent the introduction of new security risks.
- Respond to emerging requirements driven by legislation, regulation, or policy changes.
- Support annual independent assessments per DHS Information Security Performance Plan guidance.
Qualifications
- 8+ years of experience in information security.
- Expertise in cybersecurity best practices, vulnerability management, and cybersecurity scanning tools.
- Expertise in Federal data privacy requirements and cloud-hosted cybersecurity management practices.
- One or more of the following certifications:
- CompTIA Security+ or equivalent
- Cloud Security certification (e.g., CCSP, AWS Security Specialty, Google Professional Cloud Security Engineer)
- Information Systems Security certification (e.g., CISSP, SSCP)
- Information Systems Security Management certification (e.g., CISM, CISSP-ISSMP)
- Ability to hold and maintain a DHS Public Trust.
This range represents the minimum and maximum base salary that Excella reasonably and in good faith expects to pay for this role. Actual compensation within the range will depend on factors such as skills, experience, training, certifications, and organizational needs. It is not typical for an individual to be hired at or near the top or bottom of the range.
Your pay also includes the opportunity for an annual bonus in addition to the base salary. This variable pay opportunity is dependent upon the attainment of shared firmwide goals and objectives as determined by Excella's Executive Team. Certain eligibility and pro-ration rules apply.
Should your experience and knowledge qualify you for a different position or title within Excella, we may consider you for positions that better align with your qualifications. In that case, we will provide the range for those positions as well.
Pay Range
$127,944-$186,600 USD
