Information Systems Security Officer

- Lead vulnerability scanning, analysis, and risk prioritization across diverse systems and environments. - Analyze scan results and propose prioritized remediation strategies. - Collaborate with development and engineering teams to facilitate timely remediation and patching actions. - Monitor and manage Plans of Action & Milestones (POA&Ms), ensuring completion of risk mitigation within stipulated timeframes. - Develop and maintain comprehensive Authority to Operate (ATO) packages and security documentation, including SSPs, SARs, CMPs, and Contingency Plans. - Oversee Certification & Accreditation (C&A) activities according to NIST 800-53 and other federal security frameworks. - Ensure compliance with standards such as FedRAMP, Azure, AWS, PCI DSS, and multi-tenant cloud environments. - Conduct continuous system monitoring, diagnostics, and reporting for federal stakeholders. - Design, recommend, and validate integrated security solutions to safeguard sensitive and proprietary data. - Design and implement security controls, including firewalls, Web Application Firewalls (WAFs), and SIEM tools. - Provide technical security engineering services, encompassing secure configurations, hardening, and architecture review. - Translate business and security needs into actionable technical designs during strategic planning initiatives. - Apply modern cloud security principles covering identity, access, governance, logging, and workload protection. - Possess knowledge of edge security solutions such as Akamai or Azure Front Door. - Collaborate with DevSecOps and engineering teams to embed security controls within CI/CD pipelines. - Evaluate cloud security posture, drive remediation efforts, and communicate overall system risk. - Act as a security advisor to technical teams and federal clients. - Assist in the formulation of internal security best practices. - Support proposal development by providing technical security content and solution insights.