Information Systems Security Officer (ISSO)
Washington, DC
Full Time
Civillian
Mid Level
Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. Our single focus has been delivering cyber solutions to effectively manage risk & the business of cyber for 25 years!
TDI is seeking an Information Systems Security Officer (ISSO) to provide expertise needed to align and help mature the organization and technology-specific risk management plans and processes, through the implementation of the Risk Management Framework (RMF).
TDI is seeking an Information Systems Security Officer (ISSO) to provide expertise needed to align and help mature the organization and technology-specific risk management plans and processes, through the implementation of the Risk Management Framework (RMF).
This position is hybrid with commute to the DC area 3 times per week.
RESPOSIBILITIES:
- Serve as the primary cybersecurity advisor to the System Owner (SO), Information Systems Security Manager (ISSM), and Chief Information Security Officer (CISO) on all security matters related to assigned information systems.
- Lead and support all phases of the Risk Management Framework (RMF) Security Assessment and Authorization (A&A) process, ensuring assigned systems achieve and maintain a compliant Authority to Operate (ATO).
- Develop, maintain, and update all required RMF security documentation, including System Security Plans (SSPs), Security Impact Analyses (SIAs), Plans of Action and Milestones (POA&Ms), Risk Acceptances, Configuration Management Plans, Supply Chain Risk Management Plans, Interconnection Security Agreements (ISAs), Memorandums of Understanding (MOUs), Information Exchange Agreements (IEAs), vulnerability reports, authorization letters, and other required security artifacts.
- Perform continuous monitoring activities to verify security controls are implemented correctly, operating effectively, and meeting cybersecurity requirements by conducting security control self-assessments, reviewing vulnerability and compliance scan results, validating system log reviews, and ensuring periodic user account reviews are completed.
- Assess the cybersecurity impact of system changes, document findings through Security Impact Analyses, and communicate associated risks and recommendations to stakeholders.
- Identify security control deficiencies, manage the POA&M process, and coordinate remediation efforts with system owners and technical teams to resolve vulnerabilities identified through assessments, audits, inspections, and continuous monitoring activities.
- Collaborate with engineering, operations, and system owners to strengthen the security posture of assigned systems while ensuring compliance with organizational cybersecurity policies and RMF requirements.
- Support internal and external security assessments, audits, and authorization activities by providing required system access, documentation, evidence, and technical guidance.
QUALIFICATIONS:
- U.S. Citizenship is required
- Active CISSP, CISM, CRISC, or equivalent cybersecurity certification required.
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related technical field.
- 5+ years of experience performing security assessments, developing RMF/A&A documentation, and supporting the authorization of enterprise systems, networks, servers, databases, or cloud environments.
- Working knowledge of NIST Risk Management Framework (RMF), NIST security and privacy publications, and security authorization processes.
- Experience using Archer or a similar governance, risk, and compliance (GRC) platform to support Assessment and Authorization (A&A) activities.
- Understanding of cloud service models (IaaS, PaaS, SaaS), hybrid cloud environments, financial applications, and mobile security technologies.
TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.
“TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.”

Apply for this position
Required*
