Information System Security Officer
Location: Washington, DC | Duration: months | Hybrid
Day-to-day Responsibilities:
Conduct continuous monitoring activities, including maintenance of current ATO, system self-assessments, and review of vulnerability and compliance reports. Ensure stakeholders perform system log reviews as defined in the SSP and review IT system user accounts for accuracy. Collaborate with technical teams to mitigate security control deficiencies and vulnerabilities. Assess cybersecurity impact of changes to IT systems, document findings, and brief stakeholders. Conduct self-assessments of security controls, identify weaknesses, and track remediation activities in POA&M. Manage POA&M process for timely detection and alerting of non-compliance issues. Provide system access, information, and documentation to security assessment and audit teams. Required Skills:
...