Job Opening For Information System Security Officer

Title: Information System Security Officer Location: Remote Duration: 6-12 months Contract Role Overview: The Information System Security Officer (ISSO) is responsible for assessing threats and vulnerabilities, identifying deviations from approved security configurations and policies, evaluating risk levels, and recommending mitigation strategies for both operational and non-operational IT environments. Key Responsibilities: Lead and manage security assessments across multiple applications and domains, including cloud environments, handling large-scale, high-risk initiatives. Implement security controls, conduct risk assessments, and document compliance in alignment with NIST RMF and ISO standards. Evaluate, validate, and support documentation for authorization and accreditation (A&A) of new and existing IT systems. Ensure proper risk treatment, compliance, and assurance from both internal and external perspectives. Support development of enterprise security architectures, including blueprints, standards, models, and guidelines. Perform network and vulnerability scanning to assess system configuration and security posture. Design, implement, and maintain secure IT architectures aligned with A&A policies and best practices. Utilize GRC tools to manage Assessment & Authorization (A&A) processes effectively. Act as a Subject Matter Expert (SME) for the USPS A&A process, advising stakeholders and onboarding new A&A resources. Develop and maintain detailed schedules, milestones, and action plans. Collaborate with cross-functional teams and effectively brief leadership and executive stakeholders. Required Skills: Strong expertise in information security architecture and risk management Hands-on experience with vulnerability and network scanning tools Deep understanding of governance, risk, and compliance frameworks Excellent organizational, communication, and stakeholder management skills Ability to work independently on complex security initiatives Required Experience & Education 8–12 years of relevant information security experience Bachelor’s degree from an accredited college/university in a related field If the degree is not in a relevant field, 4 additional years of related experience are required Ability to perform all functional duties independently Special credentials, licenses, or certifications may be required based on task order