• ISSO (Remote)

    Koniag Government Services (Chantilly, VA)


    Koniag Professional Services LLC, a Koniag Government Services company, is seeking a ISSO to support KPS and our government customer. This position requires the candidate to be able to obtain a Public Trust. This is a remote opportunity.

     

    We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

     

    Koniag Professional Services is seeking an experienced Information System Security Officer to support our client, the Department of Health and Human Services (DHHS), Office of the Chief Information Officer (OCIO) in sustaining an integrated Human Capital Management solution that consolidates core HR functions into a unified enterprise platform. The Human Resource Information Technology platform will encompass Time and Attendance, Position Description management, Performance Management, Employee/Manager/HR Self-Service, and Enterprise Business Intelligence capability. The solution will be compliant with federal cybersecurity, records management, and accessibility standards, to improve system performance, user satisfaction, and long-term sustainability of HR services. This role is critical for securing and optimizing HCM applications that support essential administrative and operational functions across the department. The ideal candidate combines strong technical skills with a solid understanding of federal systems and cybersecurity requirements. As ISSO, they’ll ensure the security and compliance of a multi-module HCM platform with extensive API integrations—managing risks, overseeing authorizations, and protecting sensitive HR data.

    Essential Functions, Responsibilities & Duties may include, but are not limited to:

    The position involves collaboration with system owners, security teams, and stakeholders to ensure systems meet security requirements throughout their lifecycle. Principal responsibilities include:

     

    + Implement and maintain system security in accordance with federal standards and requirements (FISMA, NIST, etc.)

    + Develop, update, and maintain System Security Plans (SSPs) and security documentation

    + Track and manage Plans of Action and Milestones (POA&Ms) to address security weaknesses

    + Support Security Assessment and Authorization (SA&A) processes for new and existing systems

    + Perform security impact analysis for system changes and modifications

    + Respond to and investigate security incidents and support remediation efforts

    + Develop and maintain security standard operating procedures and contingency plans

    + Collaborate with privacy officers to ensure proper handling of sensitive information

    + Conduct risk assessments and recommend appropriate security controls

    + Support security audits and provide requested documentation to auditors

    Education and Experience:

    Required:

    + Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field

    + 5+ years of experience in information security, preferably in ISSO or similar roles

    + Experience with federal information security requirements and frameworks (FISMA, NIST RMF, etc.)

    + Experience with security documentation, including System Security Plans and POA&Ms

    + Current security certification (Security+, CISSP, CAP, or equivalent)

    + Ability to obtain and maintain a Public Trust clearance or higher

    Required Skills and Competencies:

    + Comprehensive knowledge of NIST Special Publications, particularly the 800 series

    + Experience with Risk Management Framework (RMF) and Security Assessment and Authorization processes

    + Strong understanding of security controls implementation and assessment

    + Experience ensuring system compliance with Section 508 accessibility standards and conducting Voluntary Accessibility Testing (VAT) to validate conformance with federal accessibility requirements.

    + Knowledge of vulnerability management practices and tools

    + Ability to conduct security control assessments

    + Experience with security monitoring and incident response

    + Proficiency in security documentation creation and maintenance

    + Experience with security scanning tools and interpreting scan results

    + Familiarity with cloud security concepts and controls

    + Strong analytical skills with ability to assess security risks and recommend mitigations

    + Excellent communication skills for explaining security concepts to technical and non-technical audiences

    + Ability to prioritize security issues based on risk and business impact

    + Understanding of security compliance requirements and audit processes

    Desired Skills and Competencies:

    + Experience with cloud security implementations.

    + Knowledge of privacy regulations and requirements (Privacy Act, GDPR, etc.)

    + Background in security architecture design and review

    + Experience in incident response

    + Knowledge of encryption technologies and implementation

    + Experience supporting Federal Authorization processes

    Security Requirement:

    + Ability to maintain Public Trust Clearance

    Our Equal Employment Opportunity Policy

    The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.

     

    The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at [email protected] or by calling 703-488-9377 to request accommodations.

     

    _Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit_ _www.koniag-gs.com_ _._

     

    _Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352_

    Job Details

    Job Family** **Technical Program Management & Operations

     

    Job Function** **Task Manager (tech)

     

    Pay Type** **Salary