Information Systems Security Officer in United States at Jobgether
Explore Related Opportunities
Job Description
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Information Systems Security Officer based in the United States.
This role sits at the core of federal cloud security operations, ensuring that highly regulated environments meet strict compliance, risk, and authorization standards. You will be responsible for maintaining and enhancing security posture across government-facing systems while supporting the full Authorization to Operate (ATO) lifecycle. The position blends deep technical security expertise with governance, risk, and compliance (GRC) leadership, including continuous monitoring, audit readiness, and control enforcement. You will also contribute to the design and automation of security processes in cloud environments, helping reduce manual effort while improving visibility and resilience. This is a highly technical and mission-critical role operating at the intersection of cybersecurity, cloud architecture, and federal compliance frameworks. It offers the opportunity to directly impact the security and reliability of systems supporting government operations at scale.
- Manage and support the full Authorization to Operate (ATO) lifecycle, including documentation, assessments, and continuous authorization activities.
- Design, implement, and maintain Continuous Monitoring (ConMon) programs, including automated scanning, reporting, and remediation workflows.
- Serve as the primary security point of contact for federal compliance, audits, and external assessment organizations (3PAO).
- Develop and maintain System Security Plans (SSPs), security documentation, and compliance artifacts aligned with FedRAMP, FISMA, and NIST standards.
- Oversee vulnerability management, risk analysis, POA&M tracking, and remediation validation across cloud environments.
- Lead security control implementation and ensure alignment with federal frameworks such as NIST SP 800-53 and RMF.
- Manage change control processes, including security impact assessments and approval workflows for system modifications.
- Support incident response, disaster recovery, and business continuity planning, including coordination and post-incident analysis.
- Conduct access control audits and enforce least privilege principles through regular entitlement reviews.
- Collaborate with engineering teams to support secure cloud architecture and DevSecOps practices in regulated environments.
- Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related technical field (or equivalent experience).
- Active DoD 8140/8570 IAM Level II certification (e.g., CISSP, CISM, CASP+, or equivalent).
- Strong knowledge of federal security frameworks including FedRAMP, FISMA, RMF, and NIST SP 800-53.
- Proven experience managing ATO processes and supporting federal audits or 3PAO assessments.
- Hands-on experience with cloud security environments (e.g., AWS GovCloud or similar regulated platforms).
- Strong understanding of vulnerability management, SIEM tools, and enterprise security operations.
- Experience developing security documentation, architecture diagrams, and compliance artifacts.
- Strong analytical and problem-solving skills with the ability to operate in highly regulated environments.
- Excellent written and verbal communication skills for audit, governance, and stakeholder coordination.
- Familiarity with automation or scripting (e.g., Python, JavaScript, or similar) is a plus.
- Competitive salary range of $125,000 – $180,000 annually.
- Eligibility for performance bonuses and equity grants.
- Comprehensive health, dental, vision, and mental health coverage.
- Paid time off, parental leave, and flexible vacation policies.
- Strong focus on professional development and cybersecurity certifications.
- Remote flexibility within the United States.
- Inclusive, mission-driven culture with strong emphasis on security excellence and innovation.