Coalfire Federal

Lead Information System Security Officer with Secret Clearance

Job Locations US-Remote
Regular Full-Time

About Coalfire


Coalfire Federal is a market-leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers. Coalfire Federal, along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google, Oracle and Federal agencies. Coalfire has been a cybersecurity thought leader for nearly 20 years, has offices throughout the United States and Europe, and is committed to making the world a safer place by solving our clients’ toughest security challenges.


Coalfire Federal is looking for a Team Lead Information System Security Officer (ISSO) with, at minimum, an Active Secret Clearance to support our team in Arlington, VA. (Currently remote, open to local candidates)



What you'll do

In this role, you’ll act as Lead Information System Security Officer (ISSO) to support our client in Crystal City, VA.
As the Team Lead ISSO, your responsibility will be to assist and oversee System Owners (SO) as they manage and monitor Agency systems throughout different stages of the System Development Lifecycle (SDLC).
You must be able to overlay, perform, or support the activities defined in the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) to obtain and maintain agency compliance.


Additionally, you will be responsible for:

  • Ensure risk analyses are completed to determine cost-effective and essential safeguards.
  • Maintain and update system security documentation as required in accordance with Agency defined frequencies.
  • Perform Continuous Monitoring activities in accordance with the Agency and NIST Continuous Monitoring requirements. This support includes creating new documents and updating existing documents per contract requirements.
  • Support continuous monitoring testing and assist in the management of the Plan of Actions and Milestones (POA&M).
  • Coordinate with the system owner and project team to establish and document processes for audit log management/review, account management, separation of duties and configuration management and to complete all documents defined in the Documents section below.
  • Collaborate with the system owner, project team and the Agency’s Information Assurance Division to ensure that system security requirements are identified, documented, constructed and validated throughout the project lifecycle, and to coordinate the review of System Security documents by the authorizing official (AO).
  • Ensure security assessments and authorizations (SA&A) of Agency information systems are completed in accordance with the published procedures, and provide the appropriate level of support for SA&A activities.
  • Review Security Assessment Plans (SAP) and Security Assessment Reports (SAR), and assist internal and external audit teams throughout the assessment and authorization process.
  • Perform 1/3 security assessment to facilitate the authorization or ATO.
  • Serve as a key point-of-contact between the IA Division and the project team and/or system owner before, during and after audit and assessment activities.

What you'll bring

As the Team Lead ISSO, you will have to be familiar with the Federal Information Security Modernization Act of 2014 (FISMA), Privacy Act of 1974, and the following:

  • Strong technical acumen and experience with mentorship.
  • Team leadership qualities and excellent communication skills.
  • Bachelor’s degree, preferably in Information Systems, Computer Engineering, Computer Science, or Cybersecurity, or an equivalent combination of education and experience.
  • Must possess at minimum an Active Secret Clearance.
  • A minimum of ten (10) years of relevant cybersecurity experience in functional responsibilities, including at least 8 years in an ISSO capacity.
  • Must possess at least one of the following certifications: CISSP, CISM, CAP, GSLC, CISA, CCSP, or CASP.
  • National Institute of Standards and Technology Special Publication series (800-53 Rev. 4, 800-53A, 800-37, 800-61, etc.).
  • Experience performing system analysis, system audits, system monitoring, security control assessment/testing (or ST&E), risk management, and incident response.

Bonus Points

  • Knowledge of and/or experience using CSAM
  • Knowledge of DISA STIGs and CIS Benchmarks
  • Experience using or interpreting Nessus scans
  • Understanding of FedRAMP and cloud technologies, e.g. AWS, MS Azure
  • Experience with MS Project and Visio

Why you'll want to join us

Our people make Coalfire great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve. Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. We’re connected by our desire to innovate and our goal of helping to make the world a more secure place. 

Coalfire’s high-energy, challenging, and fast-paced work environment will keep you engaged and motivated. Work-life balance is a core priority at Coalfire – plus, we offer great benefits, including:

  • Health, dental, and vision insurance with an employer contribution
  • Flexible paid time off (employees are encouraged to spend four weeks away from the office each year)
  • A generous 401(k) plan
  • A corporate wellness program
  • Tuition reimbursement
  • Certification reimbursement 

Coalfire is an EEO employer. 


