Audit, Information System Security Officer – ISSO
District of Columbia, United States of America
Full Time
2 hours ago
$86,400 - $176,200 USD
No Visa Sponsorship
Key skills
Cyber SecurityERPLeadershipProject ManagementRisk ManagementCommunicationCollaboration
About this role
Role Overview
- Ensure the security, compliance, and continuous monitoring of enterprise information systems
- Support federal security frameworks, risk management activities, and audit readiness efforts while safeguarding sensitive organizational data
- Collaborate with technical teams, leadership, and auditors to assess vulnerabilities
- Maintain authorization documentation and strengthen governance and compliance processes
- Support risk management and continuous monitoring activities to identify and mitigate security vulnerabilities
- Administer and maintain GRC tools to support audit logging, compliance reporting, and security control monitoring
- Prepare documentation and evidence to support federal audits (NIST 800‑53, FISMA, SOC 1/SOC 2, DATA Act, etc.)
- Maintain and update Security Authorization Package artifacts such as SSPs, Risk Assessments, and Security Control Assessments
- Support remediation activities and track audit inquiries and corrective actions
- Assist with project management functions including milestone tracking, compliance forecasting, and deliverable oversight
- Produce regular security posture reports and executive‑level dashboards
- Ensure enforcement of security policies, procedures, and RMF requirements
- Work cross‑functionally with administrators, developers, and stakeholders to integrate security best practices
- Translate complex technical vulnerabilities into clear, actionable insights for leadership and auditors
Requirements
- 7–9 years of experience in cybersecurity, compliance, or audit
- Strong knowledge of GRC, RMF, NIST 800‑53, FISMA, SOC 1/SOC 2, and federal cybersecurity guidelines
- Experience supporting security compliance within enterprise or ERP environments
- Proficiency with GRC tools and audit logging platforms
- Strong analytical and problem‑solving skills to assess root causes and recommend mitigations
- Ability to manage multiple tasks in a fast‑paced, audit‑driven environment
- Excellent written and verbal communication skills, with the ability to simplify complex topics for non‑technical audiences
- Demonstrated collaboration skills across functional and technical teams
Tech Stack
- Cyber Security
- ERP
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Professional development opportunities