Information System Security Officer Lead|Req#4004

Description

Information System Security Officer Lead

Location: On Site – Vienna, VA
Clearance: Top Secret (TS)/SCI

Position Overview:

This position will lead a group of Information System Security Officers (ISSOs) and Information System Security Engineers (ISSEs) in support of the FBI to protect the confidentiality, integrity, and availability of systems across cloud, enclave, and hybrid environments. Responsibilities include engineering secure CI/CD pipelines, applying DevSecOps principles, conducting architectural risk assessments, overseeing RMF activities through ATO issuance, validating security controls, and guiding incident response and insider threat monitoring. The role also ensures compliance with NIST, DoD, and FBI cybersecurity standards, implements EO 14028 mandates, and provides specialized support for telecommunications and secure data transfer operations, all while maintaining operational readiness and surge capacity in secure federal environments.

Responsibilities:

• Identify and recommend necessary updates based on security policies, standards, guidelines, and procedures to ensure compliance with regulatory requirements and organizational objectives.
• Conduct risk assessments and vulnerability assessments to identify, evaluate, and prioritize security risks to the organizations information systems.
• Develop, update and maintain the organizations security incident response plan, to include detection, response and recover based on organization objectives.
• Ensure security compliance based on FBI security regulations and standards, following National Institute of Standards and Technology (NIST) controls.
• Perform regular vulnerability and compliance scanning to support auditing and monitoring on the information systems and identify any of the findings and coordinate with key stakeholders to mitigate vulnerabilities and compliance findings.
• Implement and maintain security controls throughout all information systems and network environments.
• Maintain documentation related to security policies, procedures, standards, configurations and incidents for compliance and auditing purposes.
• Participate in security governance activities, including security risk assessments, security review, and security related meetings to ensure alignment with organizational goals and objectives.
• Provide regular reports and updates to management on the organization's security posture, including identified risks, incidents, compliance status, and remediation efforts.
• Assist with other duties as assigned in the unit.
• Operate within the Risk Management Framework (RMF), including Steps 1-6, and ensure ongoing compliance through Continuous Monitoring.
• Design and implement security controls and validate their effectiveness.
• Configure and execute Nessus scans, interpret results, and feed findings into POA&M and risk analysis processes. Shall support ATO packages and security documentation.
• Assist ISSE in determining appropriate security architecture throughout the development and implementation lifecycle of the information systems.

Required Qualifications:

• Demonstrate expertise in systems security requirements and policy.
• Demonstrate expertise in incident response and management.
• Demonstrate working in a 24/7 operational environment.
• Demonstrate experience and knowledge with security frameworks and standards such as NIST, ISO 27001, and CIS Controls.
• Demonstrate experience and knowledge of security technologies, tools, and methodologies (e.g. firewalls, IDS /IPS, SIEM systems).
• Demonstrate experience and knowledge with network protocols and architecture.
• Demonstrate experience and knowledge with data encryption techniques and key management practices.
• Demonstrate experience and knowledge with compliance requirements (FISMA).
• Demonstrate experience and knowledge with operating systems (e.g. Windows and Linux) and their security features.
• Demonstrate experience and knowledge with conducting and analyzing system scans.
• Demonstrate experience and knowledge with designing and implementing security internal policies, and agency standards, and procedures.
• Demonstrate experience and knowledge with risk assessment and management techniques.
• Demonstrate experience and knowledge with configuring and managing security tools and systems.
• Demonstrate expertise in the use of threat monitoring platforms.

Preferred Experience:

• Five (5) years of ISSO experience.
• Certifications - (CISSO, CISA, CISM, CISSP)

ActioNet is a CMMI-DEV Level 4, CMMI-SVC Level 4, ISO 20000, ISO 27001, ISO 9001, HDI-certified, woman-owned IT Solutions Provider with strong qualifications and expertise in Agile Software Engineering, Cloud Solutions, Cyber Security and IT Managed Services. With 26+ years of stellar past performance, ActioNet is the premier Trusted Innogrator!

Core Capabilities:

• Advanced and Managed IT Services
• Agile Software Development
• DevSecOps
• Cybersecurity
• Health IT
• C4ISR & SIGINT
• Data Center Engineering & Operations
• Engineering & Installation

Why ActioNet?

At ActioNet, our Passion for Quality is at the heart of everything we do:

• Commitment to Employees: We are committed to making ActioNet a great place to work and continue to invest in our ActioNeters.
• Commitment to Customers: We are committed to our customers by driving and sustaining Service Delivery Excellence.
• Commitment to Community: We are committed to giving back to our community, helping others, and making the world a better place for our next generation.

ActioNet is proud to be named a Top Workplace for the twelfth year in a row (2014 - 2025). We have a 98% customer retention rate. We are passionate about the inspirational missions of our customers, and we entrust our employees and teams to deliver exceptional performance to enable the safety, security, health, and well-being of our nation.

What's in It For You?

As an ActioNeter, you get to be part of an exceptional team and a corporate culture that nurtures mutual success for our customers, employees, and communities. We give you the tools to be successful; all you need to do is bring your best ideas, your energy, and a desire to develop your skills, experience, and career. Are you ready to make a difference?

ActioNet is an equal-opportunity employer and values inclusion at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Full-Time Employees are eligible to participate in our ActioNet’s Benefits Program:

• Medical Insurance
• Vision Insurance
• Dental Insurance
• Life and AD&D Insurance
• 401(k) Savings Plan
• Education and Professional Training
• Flexible Spending Accounts (FSA)
• Employee Referral and Merit Recognition Programs
• Employee Assistance and Identity Theft Protection
• Paid Holidays: 11 per year
• Paid Time Off (PTO)
• Disability Insurance

ActioNet is an equal opportunity employer and value inclusion at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

********Direct Applicants, only. No Agencies, No third-party recruiters, please********