Information System Security Officer (ISSO)

Mobomo is seeking an experienced Information System Security Officer (ISSO) to support cybersecurity and compliance activities for federal information systems. The ISSO will be responsible for maintaining system security posture, supporting Authorization to Operate (ATO) processes, and ensuring compliance with applicable NIST and Department of Commerce cybersecurity requirements. This individual will serve as a key liaison between system owners, developers, assessors, and federal stakeholders to ensure continuous monitoring and security governance are achieved and maintained.

Responsibilities:

  • Serve as the primary point of contact for cybersecurity and authorization compliance for assigned systems.

  • Develop, maintain, and update required security documentation including:

    • System Security Plans (SSPs)

    • Security Assessment Reports (SARs)

    • Plans of Action and Milestones (POA&Ms)

  • Ensure compliance with NIST SP 800-53 Rev. 5 controls and applicable Department of Commerce cybersecurity policies.

  • Support all phases of the Risk Management Framework (RMF) and ATO lifecycle.

  • Coordinate with system stakeholders including developers, system owners, and security assessors.

  • Perform and interpret vulnerability scans and continuous monitoring activities using tools such as Tenable, CSAM, and Splunk.

  • Track and remediate findings from internal/external audits and security assessments.

  • Conduct Security Impact Analyses (SIAs) and contribute to risk assessments.

  • Participate in Change Control Boards, security reviews, and interconnection agreement processes.

  • Coordinate required cybersecurity training and awareness initiatives.

  • Support data calls and reporting efforts such as FISMA compliance.

Requirements:

  • Minimum of 3 years of IT experience, with at least 1 year in an ISSO or equivalent security compliance role.

  • Bachelor’s degree in Information Technology, Cybersecurity, or Business -OR-
    Associate’s degree with 1 year of relevant experience and a professional certification -OR-
    2 years of relevant experience with a professional certification (e.g., Security+, CISSP, CISM).

  • Strong knowledge of NIST SP 800-53 Rev. 5 controls and the Risk Management Framework (RMF).

  • Experience with security tools such as Tenable, CSAM, Splunk, and Nessus.

  • Familiarity with federal compliance standards and policies (e.g., FISMA, FedRAMP).

  • Ability to write clear, concise security documentation and reports.

  • Experience working with or within federal agencies preferred.
