Posted 12 months ago

Information Systems Security Officer (ISSO)
Location: Hybrid (Washington, D.C. Area) or Onsite as Required
Clearance: Active Public Trust
Job Type: Full-Time | Company: EastBay Systems
Jobs ID 593

About EastBay Systems
EastBay Systems is a trusted provider of cybersecurity and IT consulting services to U.S. federal agencies. Since 2007, we’ve delivered tailored solutions in Governance, Risk, and Compliance (GRC), Cybersecurity Program Management, and Security Operations Support (SOC). Our mission is to help secure our nation’s most critical information systems with expert guidance, modern tools, and a deep understanding of government compliance frameworks.

Position Overview
EastBay Systems is seeking a skilled and detail-oriented Information Systems Security Officer (ISSO) to support the continued execution and enhancement of cybersecurity and assessment & authorization (A&A) programs for a federal client. This role is ideal for a self-starter with deep knowledge of the NIST Risk Management Framework (RMF), continuous monitoring, and information assurance practices. The ISSO will provide leadership and hands-on support for the security lifecycle of enterprise systems.

Key Responsibilities
Act as the primary liaison for system owners and federal stakeholders for assigned systems
Support the risk management lifecycle by identifying, tracking, and mitigating cyber risks affecting system security posture
Guide systems through the RMF process, focusing on A&A and continuous monitoring efforts
Maintain and update security authorization documentation using GRC tools (e.g., ServiceNow GRC/IRM)
Assist in implementing common control provider (CCP) programs and integrating enterprise-level cybersecurity strategies
Collaborate with security architects, engineers, and compliance teams on vulnerability assessments, risk mitigation, and system updates
Track and report on package statuses and ensure timely execution of security plans and deliverables
Provide expert insight into policy alignment with NIST, DHS, OMB, and other federal cybersecurity requirements

Required Qualifications
Education: Bachelor’s Degree in Cybersecurity, Information Technology, Computer Science, or related discipline
Certifications: One or more of the following is required: CISSP, CISA, CRISC, CISM, Security+
Experience:
5+ years in cybersecurity, including at least 3+ years in a GRC, IT audit, or A&A-focused role
Hands-on experience navigating the full RMF lifecycle, including A&A and continuous monitoring
Familiarity with FedRAMP, hybrid cloud security, and multi-tenant architectures
Strong understanding of NIST standards including 800-53, 800-171, 800-137, and NIST CSF

Preferred Skills
Experience with GRC platforms such as CSAM and ServiceNow IRM
Working knowledge of vulnerability scanning tools such as Nessus, Tenable SecurityCenter, or Qualys
Familiarity with policy development and aligning to mandates from OMB, DHS, and CNSS
Strong ability to analyze and communicate risk, write compelling documentation, and manage multiple tasks concurrently
Excellent verbal, written, and presentation communication skills

Why Join EastBay Systems?
Work on high-impact cybersecurity initiatives that protect federal systems
Flexible remote work environment with occasional onsite opportunities
Competitive compensation and benefits, including healthcare and 401(k)
Supportive, mission-driven team with opportunities for professional development and certification support

How to Apply
To apply, please submit your resume and relevant certifications to jobs@eastbaysystems.com
