Support the implementation and maintenance of cybersecurity controls across project systems. Assist in the preparation and submission of documentation to support Authority to Operate (ATO) processes. Perform vulnerability assessments and coordinate remediation with technical teams. Monitor system compliance with NIST, FISMA, and VA security policies. Analyze security event data and report incidents or anomalies to senior staff.
As an Information System Security Officer responsible for implementing and maintaining the security posture of assigned information systems, you'll ensure systems comply with federal regulations, organizational policies, and industry best practices, primarily following the NIST Risk Management Framework (RMF) and associated standards. You'll conduct system audits, vulnerability scans, and risk assessments and provide security guidance to system owners, developers, and administrators.