Job details

ISSO

Get a free resume review

About DMI

DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. With a focus on end-to-end managed IT services, including managed mobility, cloud, cybersecurity, network operations, and application development, DMI supports public sector agencies and commercial enterprises around the globe. Recognized as a Top Workplace, DMI is committed to delivering secure, efﬁcient, and cost-effective solutions that drive measurable results. Learn more at www.dminc.com

About the Opportunity

DMI, LLC is looking for an ISSO to join us.

Duties and Responsibilities:

Serve as Designated Person(s) assigned to one or more existing FISMA Systems of Record as well as new IT Systems.
Led efforts to develop an Authority to Operate (ATO) and manage the system through its Continuous Monitored lifecycle.
Collaborate with ISSOs to engineer or re-engineer solutions to resolve FISMA audit findings.
Provide security-related information to the ISSO and obtain ISSO approval on Change Requests (CRs) to implement a new solution or service or make changes to an existing one.
Provide input and assist in the development of a System Security Plan (SSP) for systems to facilitate an Authority to Test (ATT) or ATO.
Ensure SSPs include security controls addressing requirements in DHS 4300A, CBP HB1400D, and applicable NIST Special Publications.
Document and provide information on security controls implemented in relevant systems as directed by the Government.
When requested, make recommendations, implement security controls, and/or re-engineer systems to address Plan of Action and Milestones (POA&M) and audit findings.
Implement and document security controls and applicable processes for CBP systems to ensure compliance with the CBP Risk Management Framework, FISMA regulations, NIST 800-53, DHS 4300A, CBP 1400-05D, and applicable security policies including Zero Trust.
Provide expert analysis and recommendations on risk (impact and likelihood) and mitigation options for security findings, gaps, and vulnerabilities.
Develop appropriate responses to audit report findings.
Work with the Director of Security, ISSM, and System Owner (SO) to develop a Deviation Waiver Request (Risk Acceptance) based on thorough analysis and industry standards when risks cannot be resolved.
Contribute to ensuring that when the contractor handles Sensitive PII data, the information system achieves an Authority to Operate (ATO)

Qualifications

Education and Years of Experience:

BS 5-7 Years, MS 3-5, PhD 0-2

Required and Desired Skills/Certifications:

Ensures the seamless transition of knowledge, processes, and institutional understanding from the incumbent contractor to the incoming team.Familiarity with network and information system security principles and best practices.
In-depth knowledge of the Risk Management Framework (RMF), the NIST publications, and the DHS 4300A Policy Directive.
Experience with implementing the NIST 800-53 Security Controls in an Assessment & Authorization (A&A) process.
Experience reviewing Nessus scans, managing vulnerability mitigation and information security process in an Enterprise environment.
Ability to work well within a team environment and build rapport with government and customer organizations.
Certifications such as Network+ and Security + are recommended.
CISSP and Security auditing certifications are recommended.
Understanding of Zero Trust Architecture as it pertains to Government compliance and best practices.

Additional Requirements: Successful completion of a Public Trust background investigation and a Public Trust clearance

Min Citizenship Status Required: Must be a U.S. Citizen

Physical Requirements: No Physical requirement needed for this position.

Location: Remote, US

Working at DMI

DMI is a diverse, prosperous, and rewarding place to work. Being part of the DMI family means we care about your wellbeing. As such, we offer a variety of perks and benefits that help meet various interests and needs, while still having the opportunity to work directly with a number of our award-winning, Fortune 1000 clients. The following categories make up your DMI wellbeing:

Convenience/Concierge - Virtual visits through health insurance, pet insurance, commuter benefits, discount tickets for movies, travel, and many other items to provide convenience.
Development – Annual performance management, continuing education, and tuition assistance, internal job opportunities along with career enrichment and advancement to help each employee with their professional and personal development.
Financial – Generous 401k matches both pre-tax and post-tax (ROTH) contributions along with financial wellness education, EAP, Life Insurance and Disability help provide financial stability for each DMI employee.
Recognition – Great achievements do not go unnoticed by DMI through Annual Awards ceremony, service anniversaries, peer-to-peer acknowledgment, employee referral bonuses.
Wellness – Healthcare benefits, Wellness programs, Flu Shots, Biometric screenings, and several other wellness options.

Employees are valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company.

***************** No Agencies Please *****************

Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.

Average salary estimate

$85000 / YEARLY (est.)

min

max

$70000K

$100000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About ISSO, DMI

Are you passionate about cybersecurity and looking for an exciting opportunity to grow your career? DMI is on the hunt for a talented Information System Security Officer (ISSO) to join our remote team! As an ISSO at DMI, you'll play a pivotal role in ensuring the security of IT systems for both public sector agencies and commercial enterprises, driving efforts to achieve and maintain Authorities to Operate (ATOs) and contributing to the development of System Security Plans (SSPs). Your daily adventures will involve collaborating with other ISSOs to tackle FISMA audit findings, implementing security controls, and ensuring compliance with regulatory frameworks such as NIST 800-53 and the DHS 4300A Policy Directive. With a strong emphasis on continuous monitoring, you'll not only analyze risks and vulnerabilities but also recommend effective mitigation strategies. DMI values knowledge-sharing and teamwork, so you’ll be expected to forge relationships across government and customer organizations while evolving our security posture. We prefer candidates with a relevant degree and industry experience, and certifications like CISSP or Security+ would be a fantastic bonus. Join DMI today to be a part of a diverse team committed to delivering digital solutions that really matter, and enjoy the perks of working at a recognized top workplace too!

Frequently Asked Questions (FAQs) for ISSO Role at DMI

What are the primary responsibilities of the ISSO at DMI?

As an ISSO at DMI, your primary responsibilities will revolve around serving as the designated official for multiple FISMA Systems of Record, overseeing the development of Authorities to Operate (ATOs) for IT systems, and working collaboratively with fellow ISSOs to engineer solutions for FISMA audit findings. Additionally, you'll play a crucial role in drafting System Security Plans (SSPs) to align with various compliance requirements, ensuring that security controls are thoroughly documented and effective.