Senior Information Systems Security Officer (ISSO) - DOJ CJIS

JOB TITLE: Senior Information Systems Security Officer (ISSO)

GOVERNMENT AGENCY: Federal Bureau of Investigation (FBI), CJIS Information Assurance Unit (CIAU)

LOCATION: Hybrid Position at the FBI CJIS location in Clarksburg, WV; this is a primarily remote position, however, occasional travel to the site may be requested by the customer

POSITION TIMING: Contingent on award; expected contract start date August 30, 2025

BENEFITS: Health, Dental and Vision, 401(k), Flexible Spending Account (FSA), 11 Paid Federal Holidays, PTO, education reimbursement

CLEARANCE REQUIREMENT: Candidate must hold an active Top-Secret clearance. Additionally, the candidate must obtain FBI CJIS access, which typically takes 3-4 weeks to process and must be completed prior to starting on the program.

ITC Federal is an information technology and consulting company focused on servicing the needs of the Federal Government. ITC's mission is to apply earned expertise in information technology and information assurance/security to assist this client in achieving its mission. ITC is located in Fairfax, VA and offers outstanding compensation and benefits plan and a challenging and rewarding professional work environment.

We are seeking a Senior Information Systems Security Officer (ISSO) to support the FBI's Criminal Justice Information Services (CJIS) Division within the Information Assurance Unit (CIAU). This role involves securing mission-critical systems and data through the full system development life cycle, in alignment with federal cybersecurity regulations and standards. You will collaborate closely with system owners, engineers, and stakeholders to ensure compliance, mitigate risk, and enhance the security posture of CJIS information systems.

Support the establishment, implementation, and maintenance of life-cycle security processes to protect FBI CJIS Division information systems, services, and data.
• Ensure systems are developed, operated, and maintained in compliance with applicable security policies (e.g., NIST 800-53/800-37, DISA STIGs, Common Criteria, OWASP, and SANS best practices).
• Perform hands-on system security assessments, vulnerability analysis, and risk management across hybrid environments, including virtualized, on-prem, and cloud platforms (AWS/Azure).
• Utilize tools such as JCAM, Telos Xacta, GITLAB, Splunk, BigFix, Tenable Security Center, JIRA, and Confluence to manage security artifacts and workflows.
• Coordinate with stakeholders to support security documentation and deliverables, including Security Assessment Reports (SAR), Interconnection Security Agreements (ISA), System Security Plans (SSP), and Plans of Action and Milestones (POA&Ms).
• Track and report cybersecurity incidents and vulnerabilities through appropriate FBI and CJIS channels.
• Participate in Agile ceremonies and provide security guidance in SAFe Agile development environments.
• Provide technical recommendations on the integration of security tools and processes into CI/CD pipelines and DevSecOps practices.
• Support audits, compliance checks, and external reviews to ensure ongoing authorization to operate (ATO) and information assurance.

REQUIRED:

• Minimum 6 years of experience in cybersecurity or information assurance, including work supporting federal or state government systems. Prior ISSO experience is required.
• Strong understanding of federal security frameworks (NIST, DISA, FISMA, FedRAMP).
• Previous technical experience in networking, system administration, or software development.
• Demonstrated knowledge of CI/CD pipelines, virtualization, software-defined infrastructure, and cloud computing environments.
• Ability to communicate clearly and effectively with both technical and non-technical stakeholders.
• Experience with vulnerability scanning, audit log analysis, incident reporting, and risk mitigation planning.
• Security Clearance: Active Top Secret clearance.

DESIRED:

• Bachelors Degree, preferred; 2+ years of additional work experience can be substituted in lieu of the degree requirement
• CISSP (Certified Information Systems Security Professional) or equivalent certification.
• AWS or Azure Cloud Security certifications.
• Familiarity with SAFe Agile methodology and secure DevOps practices.
• Experience with FBI systems or previous work in CJIS-compliant environments.
• Familiarity with DevSecOps principles and toolsets.

WORK ENVIRONMENT AND PHYSICAL DEMANDS:

Candidate must be able to function in general office environment

ITC Federal is an equal opportunity employer and will not discriminate against any application for employment on the basis of age, race, color, gender, national origin, religion, creed, disability, veteran status, marital status, sexual orientation, genetic information, military status, disability, or sex including pregnancy and childbirth or related medical condition or on any other basis prohibited by law.