Information Systems Security Officer (ISSO)

Dark Wolf Solutions is seeking a highly experienced and skilled professional to join our organization as a Senior Information Systems Security Officer (ISSO). As a senior-level ISSO, you will assume a leadership role in shaping and executing the information security program, ensuring compliance with CISA/DHS policies and directives. You will provide expert guidance, lead security initiatives, and collaborate with stakeholders to protect critical information systems and assets in support of CISA/DHS's mission to safeguard the nation's security.. This position is expected to be primarily remote, but candidates must reside within 50 miles of a Dark Wolf Office location. Key responsibilities include, but are not limited to: 

• Supporting the preparation of Authorization to Operate (ATO) package documentation, including security assessment reports, system security plans, risk assessment reports, and other necessary artifacts.
• Coordinating with stakeholders to ensure ATO package documentation aligns with industry best practices, NIST guidelines, and agency-specific requirements.
• Assisting in conducting internal reviews and assessments to ensure ATO package documentation accurately reflects the current security posture and controls in place.
• Developing and overseeing the implementation of comprehensive information security policies, procedures, and guidelines, aligned with DHS directives and industry best practices, to establish and maintain an effective security posture.
• Conducting in-depth risk assessments, security audits, and vulnerability assessments to identify threats and vulnerabilities, and develop robust risk mitigation strategies in accordance with DHS guidelines and relevant frameworks (e.g., NIST, FISMA).
• Leading incident response efforts, directing response teams, conducting forensic analysis, coordinating with relevant authorities, and ensuring compliance with CISA/DHS incident handling protocols.
• Mentoring and providing guidance to junior ISSOs and security personnel, fostering professional growth and ensuring the development of a capable and cohesive information security team.
• Collaborating with stakeholders, system administrators, and network engineers to implement and maintain secure configurations for systems and networks, ensuring their compliance with CISA/DHS security standards.
• Maintaining and enhancing security monitoring systems, including intrusion detection/prevention systems (IDS/IPS), SIEM tools, and security event correlation platforms, to proactively detect and respond to potential security incidents within DHS systems.
• Performing security evaluations and assessments of technology infrastructure, systems, and applications, ensuring their compliance with DHS regulations, standards, and guidelines.
• Managing relationships with internal and external auditors, providing necessary documentation and coordinating audit activities to ensure compliance with DHS requirements.
• Staying informed about emerging cybersecurity threats, trends, and technologies, conducting research and analysis to identify potential risks and develop proactive measures to protect critical information systems within DHS.
• Collaborating with stakeholders to identify and implement security controls and countermeasures for new projects, systems, and applications, considering DHS's unique security requirements and risk tolerance.

Required Qualifications:

• Bachelor's degree in information security, computer science, or a related field
• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other relevant certifications highly desired
• Minimum of 7-10 years of progressive experience in information security, with a significant focus on managing and implementing information security programs within the DHS or other federal agencies
• Experience supporting the preparation and maintenance of Authorization to Operate (ATO) package documentation, including security assessment reports, system security plans, and other necessary artifacts
• Familiarity with NIST guidelines, industry best practices, and agency-specific requirements related to the ATO process
• Deep knowledge of DHS information security frameworks, regulations, and standards, such as NIST, FISMA, and CISA guidance, with direct experience in implementing and interpreting these requirements
• Extensive experience in leading and conducting risk assessments, security audits, incident response efforts, and vulnerability management activities within the context of DHS operations
• Experience performing security assessments, vulnerability assessments, and penetration testing within a complex enterprise environment
• Familiarity with security control frameworks and standards, such as NIST SP 800-53, FIPS 199, and NIST SP 800-37
• Knowledge of ATO processes, NIST guidelines, and industry best practices related to system security plans, security assessments, and ATO package preparation
• Excellent leadership and interpersonal skills, with the ability to effectively collaborate, mentor, and communicate complex security concepts to technical and non-technical stakeholders at all levels within a DHS environment
• Proven track record of successfully managing complex security initiatives and projects, ensuring delivery within established timelines and resource constraints
• In-depth knowledge of advanced threat actors, emerging cyber threat landscape, and evolving cybersecurity technologies and trends within the specific context of DHS missions
• Up-to-date expertise in cybersecurity regulations, industry standards, and emerging best practices, with the ability to translate them into actionable strategies and initiatives to enhance the DHS's security posture
• US citizenship and ability to obtain and maintain a DHS Suitability/Entry on Duty (EOD)

Desired Qualifications:

• JIRA experience
• MS SQL

The estimated salary for Journeyman to Senior candidates is expected to be $110,000.00 - $150,000.00, commensurate on experience. 

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.