• Information System Security Officer (ISSO)

    St. George Tanaq Corporation (Richmond, VA)


    Information System Security Officer (ISSO)

     

    WFH Flexible•Remote from MD, VA, DC (http://maps.google.com/maps?q=Washington+DC+USA)

     

    Job Type

     

    Full-time

    Description

    Overview

     

    Tanaq Technical Services (TTS), a division of St. George Tanaq (SGT) Corporation, is an 8(a) Alaskan Native Small Business that specializes in delivering Enterprise Integrated Technology Solutions and Support Services to the Federal Government. TTS’s innovative approach combines proactive strategies, efficient processes and emerging technologies to deliver seamless, integrated services for our clients. TTS prides itself in being Mission Driven, People Focused. To learn more about us, visit https://tanaq.com/tanaq-technical-services.

     

    About the Role

     

    We are seeking an **Information System Security Officer (ISSO)** to support our federal government customer. The ISSO is responsible for ensuring the secure configuration, operation, and compliance of information systems (IS) within federal government environments. The ISSO plays a critical role in supporting the Risk Management Framework (RMF) lifecycle, maintaining Authority to Operate (ATO) status, and enforcing cybersecurity policies, procedures, and controls in accordance with NIST, FISMA, and agency-specific standards.

     

    This is a hybrid remote position based in the Washington, D.C., Maryland, Virginia (DMV) area that will require some onsite work at the customer’s location. This position is contingent on contract award.

    Responsibilities

    + Serve as the primary cybersecurity point of contact for assigned information systems.

    + Implement and manage security controls and procedures in accordance with NIST SP 800-53, NIST SP 800-37, and the agency’s cybersecurity framework.

    + Support the system lifecycle (RMF Steps 1–6), including: System categorization; Security control selection and implementation; Security assessment preparation; POA&M tracking and remediation; Continuous Monitoring (ConMon).

    + Coordinate and prepare system documentation including: System Security Plan (SSP); Security Assessment Report (SAR); Risk Assessment Reports (RAR); Incident Response Plans (IRP).

    + Conduct regular security reviews, vulnerability assessments, STIG compliance checks, and audit log reviews.

    + Collaborate with system owners, developers, and operations staff to ensure security is integrated into IT projects and daily operations.

    + Monitor, track, and report cybersecurity metrics and compliance status to the ISSM, CISO, or agency stakeholders.

    + Manage user access reviews, account recertification, and system-level security awareness training.

    + Support incident response and investigation efforts when cybersecurity events are detected.

    + Coordinate with external assessors, auditors, and the agency's Authorizing Official (AO) during security evaluations.

    Requirements

    Required Experience and Skills

    + 5–7 years of progressive experience in cybersecurity compliance and systems security in the federal government or DoD sector.

    + Deep understanding of:

     

    - **NIST SP 800 53, 800 171** , and Risk Management Framework (RMF).

     

    - **FedRAMP** High and **CMMC 2.0** Level 2/3 compliance requirements.

     

    - **POA&M** management, vulnerability management tools (e.g., Tenable.sc, Nessus), and audit support.

     

    + Hands-on experience with:

     

    - AWS GovCloud/Azure Government security configurations.

     

    - Secure enclave architecture, boundary defense, incident response, and continuous monitoring.

     

    + Strong familiarity with ACAS, eMASS, HBSS, STIG Viewer, and SCAP compliance tools.

    + Excellent verbal and written communication skills.

    + Previous experience working at a federal government agency preferred.

    + Ability to pass required Federal background screening / security check including basic and expanded investigations. Ability to obtain and maintain both government clearance and customer approval.

    + **Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.**

    Education and Training

    + Bachelor’s degree in Cybersecurity, Computer Science, or Information Systems (Master’s preferred).

    + Professional Certifications:

     

    - CISSP, CAP, or CISM strongly preferred.

     

    - Security+ CE (baseline DoD 8570 compliance).

    Physical Requirements

    + Candidates must reside in the Washington, D.C., Maryland, Virginia (DMV) area.

    + Prolonged periods of sitting at a desk and working on a computer. May need to lift up to 25 pounds occasionally.

     

    Pay Range

     

    The projected annual salary range for this position is $125,000 – $155,000 USD. Please note that the salary information listed is a good faith estimate for this position and a general guideline only. Multiple factors are considered in determining final pay for a position, including, but not limited to, the candidate’s relevant work experience, skills, education, certifications, and competencies that align with the specified role, geographic location, as well as business considerations and contract provisions regarding labor categories that are specific to the position.

     

    Benefits Information

     

    Benefits offered may vary depending on the nature of your employment with Tanaq. Full-time US-based employees gain access to healthcare benefits (Medical, Dental, Vision), Basic Life Insurance, Short-Term Disability, Long-Term Disability, 401(k), Flexible Spending Account, EAP, Education Reimbursement, Paid Time Off and Holidays.

     

    Who We Are

     

    Tanaq Technical Services (TTS) strives to deeply understand and analyze our clients’ vision, needs, and requirements so we may provide alternative solutions, empowering them to choose the best resolution. We aim to achieve excellence by delivering on our commitments to our clients, employees, and partners.

     

    Our Commitment to Non-Discrimination

     

    Tanaq Technical Services is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local law. Tanaq complies with the Drug-free Workplace Act of 1988 and E-Verify.

     

    If you are an individual with a disability and need assistance completing any part of the application process, please email [email protected] to request a reasonable accommodation. This email is for accommodation requests only and cannot be used to inquire about the status of applications.

     

    Notice on Candidate AI Usage

     

    Tanaq is committed to ensuring a fair and competitive interview process for all candidates based on their experience, skills and education. To ensure the integrity of the interview process, the use of artificial intelligence (AI) tools to generate or assist with responses during phone, in person and virtual interviews is not allowed. However, candidates who require a reasonable accommodation that may involve AI are required to contact us prior to their interview at [email protected].

    To apply for this position, visit:

    https://recruiting.paylocity.com/Recruiting/Jobs/Details/3462657