Be on Alert – Fraudulent Employment Offers. Learn More

Washington, District of Columbia, United States of America
JOB #R2104771

Information Systems Security Officer (ISSO)

ICF is seeking an Information Systems Security Officer (ISSO) to support the United States Department of Health and Human Services (HHS) in the Washington, DC area. The ISSO is responsible for ensuring that the security and privacy posture is maintained for organizational system(s) and works in close collaboration with the system owner. The ISSO also serves as a principal advisor on all matters, technical and otherwise, involving the controls for the system(s). The ISSO has the knowledge and expertise to manage the security and privacy aspects of organizational systems and, in many organizations, is assigned responsibility for day-to-day system security operations. This responsibility may also include, but is not limited to, physical and environmental protection; personnel security; incident handling; and security and privacy training and awareness.

Responsibilities include:

  • Propose, coordinate, implement and enforce HHS information systems security policies, standards, and methodologies
  • Serve as a focal point for IT security and privacy incident reporting and subsequent resolution
  • Draft and maintain security policy documentation in support of the Risk Management Framework
  • Ensure that security-related documentation at each phase of the HHS Enterprise Performance Lifecycle (EPLC) meets all identified security needs
  • Coordinate with organization configuration management (CM) for information system security software, hardware, and firmware updates
  • Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades
  • Ensure that IT security notices and advisories are distributed to appropriate personnel and that vendor-issued security patches are expeditiously installed
  • Track security education and awareness training conducted for personnel and contractors, as appropriate
  • Provide CM for security-relevant information system software, hardware, and firmware
  • Develop system security policy and ensure compliance
  • Maintain operational security posture for an information system or program
  • Develop and update the system security plan and other cybersecurity documentation
  • Assist with the management of security aspects of the information system and perform day-to-day security operations of the system
  • Assist with assessment, development and implementation of programs and controls set in place to preserve the integrity and security of sensitive data and information stored and processed by various network systems
  • Assist with prevention of data breaches and unauthorized access to information systems
  • Perform cybersecurity system management functions
  • Review information security systems and recommend improvements/solutions.

Required Qualifications:

  • Bachelor’s Degree in Information Assurance, Cybersecurity, Computer Science, Information Systems, Engineering or other related discipline
  • Minimum 3 years of ISSO experience
  • Certified Systems Security Professional (CISSP) or other widely recognized cybersecurity professional certification
  • Thorough knowledge of network security concepts with application knowledge of various enterprise security point technologies, managed security services, Security Information and Event Management solutions, packet analysis tools, cryptography and Active Directory / Kerberos authentication protocol
  • Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities
  • Demonstrated experience working in large Federal agency preferably in HHS
  • Possess the knowledge of security best practices, security solutions, and methodologies for risk management
  • Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
  • Demonstrated advanced knowledge of industry accepted standards
  • Experience with governance, risk, and compliance tools like eMASS, Archer, Xacta, etc.
  • Minimum 2 years intrusion detection and/or incident handling experience

Working at ICF

Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you’re seeking to make a difference in the world, visit to find your next career. ICF—together for tomorrow.

We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy.

COVID-19 Policy: New or prospective U.S. employees must provide proof of complete vaccination on the date of their commencement of employment. If selected for employment, you will provide proof of your full vaccination status, defined as vaccinated two weeks after receiving the requisite number of doses of a COVID-19 vaccine approved or authorized for emergency use by the FDA.

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination:  EEO is the law and  Pay Transparency Statement.

Washington, DC (DC02)

Who is ICF?

A global consulting services company with +7,000 people across +70 countries, but we are not your typical consultants.

More jobs you might like

Nov 10, 2021
Adelphi, Maryland, United States of America
Jul 29, 2021
Arlington, Virginia, United States of America
Jun 17, 2021
Arlington, Virginia, United States of America
Jun 17, 2021
Arlington, Virginia, United States of America
May 24, 2021
Arlington, Virginia, United States of America
Feb 22, 2021
Arlington, Virginia, United States of America
See All Jobs

Join our talent network

ICF is growing, and we add new open roles to our site regularly. If you're waiting for that perfect opportunity at ICF or want an inside look at what it's like to do world-changing work, join our talent network to stay updated.

Join our talent network

ICF is growing, and we add new open roles to our site regularly. If you're waiting for that perfect opportunity at ICF or want an inside look at what it's like to do world-changing work, join our talent network to stay updated.