Information Systems Security Officer (ISSO)

Engineering · Remote · Remote possible

Job description

Dark Wolf Solutions is seeking a highly experienced and skilled professional to join our organization as a Senior Information Systems Security Officer (ISSO). As a senior-level ISSO, you will assume a leadership role in shaping and executing the information security program, ensuring compliance with CISA/DHS policies and directives. You will provide expert guidance, lead security initiatives, and collaborate with stakeholders to protect critical information systems and assets in support of CISA/DHS's mission to safeguard the nation's security. This position is expected to be primarily remote, but candidates must reside within 50 miles of a Dark Wolf Office location.

Key responsibilities include, but are not limited to:

  • Supporting the preparation of Authorization to Operate (ATO) package documentation, including security assessment reports, system security plans, risk assessment reports, and other necessary artifacts.
  • Coordinating with stakeholders to ensure ATO package documentation aligns with industry best practices, NIST guidelines, and agency-specific requirements.
  • Assisting in conducting internal reviews and assessments to ensure ATO package documentation accurately reflects the current security posture and controls in place.
  • Developing and overseeing the implementation of comprehensive information security policies, procedures, and guidelines, aligned with DHS directives and industry best practices, to establish and maintain an effective security posture.
  • Conducting in-depth risk assessments, security audits, and vulnerability assessments to identify threats and vulnerabilities, and develop robust risk mitigation strategies in accordance with DHS guidelines and relevant frameworks (e.g., NIST, FISMA).
  • Leading incident response efforts, directing response teams, conducting forensic analysis, coordinating with relevant authorities, and ensuring compliance with CISA/DHS incident handling protocols.
  • Mentoring and providing guidance to junior ISSOs and security personnel, fostering professional growth and ensuring the development of a capable and cohesive information security team.
  • Collaborating with stakeholders, system administrators, and network engineers to implement and maintain secure configurations for systems and networks, ensuring their compliance with CISA/DHS security standards.
  • Maintaining and enhancing security monitoring systems, including intrusion detection/prevention systems (IDS/IPS), SIEM tools, and security event correlation platforms, to proactively detect and respond to potential security incidents within DHS systems.
  • Performing security evaluations and assessments of technology infrastructure, systems, and applications, ensuring their compliance with DHS regulations, standards, and guidelines.
  • Managing relationships with internal and external auditors, providing necessary documentation and coordinating audit activities to ensure compliance with DHS requirements.
  • Staying informed about emerging cybersecurity threats, trends, and technologies, conducting research and analysis to identify potential risks and develop proactive measures to protect critical information systems within DHS.
  • Collaborating with stakeholders to identify and implement security controls and countermeasures for new projects, systems, and applications, considering DHS's unique security requirements and risk tolerance.

Required Qualifications:

  • Bachelor's degree in information security, computer science, or a related field
  • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other relevant certifications highly desired
  • Minimum of 7-10 years of progressive experience in information security, with a significant focus on managing and implementing information security programs within the DHS or other federal agencies
  • Experience supporting the preparation and maintenance of Authorization to Operate (ATO) package documentation, including security assessment reports, system security plans, and other necessary artifacts
  • Familiarity with NIST guidelines, industry best practices, and agency-specific requirements related to the ATO process
  • Deep knowledge of DHS information security frameworks, regulations, and standards, such as NIST, FISMA, and CISA guidance, with direct experience in implementing and interpreting these requirements
  • Extensive experience in leading and conducting risk assessments, security audits, incident response efforts, and vulnerability management activities within the context of DHS operations
  • Experience performing security assessments, vulnerability assessments, and penetration testing within a complex enterprise environment
  • Familiarity with security control frameworks and standards, such as NIST SP 800-53, FIPS 199, and NIST SP 800-37
  • Knowledge of ATO processes, NIST guidelines, and industry best practices related to system security plans, security assessments, and ATO package preparation
  • Excellent leadership and interpersonal skills, with the ability to effectively collaborate, mentor, and communicate complex security concepts to technical and non-technical stakeholders at all levels within a DHS environment
  • Proven track record of successfully managing complex security initiatives and projects, ensuring delivery within established timelines and resource constraints
  • In-depth knowledge of advanced threat actors, emerging cyber threat landscape, and evolving cybersecurity technologies and trends within the specific context of DHS missions
  • Up-to-date expertise in cybersecurity regulations, industry standards, and emerging best practices, with the ability to translate them into actionable strategies and initiatives to enhance the DHS's security posture
  • US citizenship and ability to obtain and maintain a DHS Suitability/Entry on Duty (EOD)

Desired Qualifications:

  • JIRA experience
  • MS SQL

The estimated salary for Journeyman to Senior candidates is expected to be $110,000.00 - $150,000.00, commensurate with experience.
