Job Description

TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world. We support the U.S. Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure.

Start: Future projects late 2026 or 2027 (not an immediate job opening)

The Information System Security Officer (ISSO) supports the cybersecurity and compliance requirements of federal information systems in accordance with NIST, RMF, FISMA, FedRAMP, DoD, and agency-specific security requirements. The ISSO serves as the primary liaison between system owners, cybersecurity teams, and government stakeholders to ensure systems maintain an acceptable security posture and remain compliant throughout the system lifecycle.

Responsibilities

• Support the implementation and maintenance of Risk Management Framework (RMF) processes.
• Develop, review, and maintain security documentation, including:
  • System Security Plans (SSPs)
  • Security Assessment Reports (SARs)
  • Plans of Action & Milestones (POA&Ms)
  • Security Control Traceability Matrices (SCTMs)
  • Continuous Monitoring (ConMon) documentation
• Conduct security control assessments and compliance reviews.
• Coordinate Authorization to Operate (ATO), Interim ATO (IATO), and authorization package updates.
• Support vulnerability management activities, including reviewing and tracking findings from tools such as Nessus, ACAS, Tenable, Qualys, and SCAP.
• Monitor and assess cybersecurity risks and recommend mitigation strategies.
• Coordinate with system administrators, network engineers, developers, and security personnel to address security requirements.
• Review system changes and participate in configuration control boards (CCBs) as required.
• Support audits, inspections, and cybersecurity assessments.
• Ensure compliance with NIST 800-53, FISMA, agency policies, and applicable federal regulations.
• Maintain security metrics and provide regular status reports to government stakeholders.
• Support incident response activities and security investigations when required.

Required Qualifications

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field (or equivalent experience).
• 3+ years of experience supporting federal cybersecurity, RMF, or information assurance programs.
• Experience developing and maintaining RMF authorization packages.
• Working knowledge of:
  • NIST 800-53
  • NIST 800-37
  • FISMA
  • Security Control Assessments
  • Continuous Monitoring
• Experience with vulnerability scanning and remediation processes.
• Strong written and verbal communication skills.
• Active Top Secret or Secret or Pubic Trust clearance or ability to obtain one.

Preferred Qualifications

• Experience with eMASS, XACTA, CSAM, or similar governance and compliance tools.
• Knowledge of FedRAMP, DoD RMF, or Intelligence Community security requirements.
• Experience supporting cloud environments (AWS, Azure, GovCloud).
• Security certification such as:
  • Security+
  • CISSP
  • CAP
  • CISM
  • GSLC

Desired Skills

• Risk assessment and mitigation
• Security compliance and auditing
• Vulnerability management
• Cybersecurity policy implementation
• Security documentation development
• Stakeholder coordination
• Continuous monitoring and reporting

Typical Federal Customers: DHS, DoD, VA, HHS, Treasury, and other civilian federal agencies.

Salary Range: $70,000 - $145,000 (depending on experience, clearance level, and location). This range represents a good-faith estimate and is not a guarantee; final compensation is determined by factors such as experience, qualifications, and government contract labor rate requirements and may fall outside the stated range.

Equal Opportunity Employer
TestPros is an equal-opportunity employer and does not discriminate in employment based on race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or any other non-merit factor.

Offer Considerations
TestPros considers several factors when extending an offer, including but not limited to, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, geographic location, education, and certifications.

Federal Compliance
As a federal contractor, TestPros is subject to all federal and state mandates and/or other customer requirements.