U
Senior Information System Security Officer
Unknown
3h ago
0OtherJacksonville, FL, USjobspy_indeed
remoteindeed
Job Description
**GRC Senior Information System Security Officer**
Department: Governance Risk and Compliance (GRC)
Location: Remote
Reports to: Director of GRC
Direct Reports: None
**Summary**
===========
The **Senior Information System Security Officer (Sr. ISSO)** leads the enterprise\-wide cybersecurity Governance, Risk, and Compliance (GRC) Risk Management Framework (RMF) and Assessment and Authorization (A\&A) initiatives across high\-security federal cloud and DoD environments. The Sr. ISSO oversees the Certification(s) and Authorization(s) process across multi\-framework pipelines, including but not limited to FedRAMP, DoD Impact Levels (IL4/IL5\), SOC 2 Type II, and CMMC Levels 1, 2, and 3\.
The Sr. ISSO will lead compliance initiatives from planning through assessment, manage ongoing risk and Continuous Monitoring (ConMon) activities, support audit engagements, and help mature ARRO's GRC program. The Sr. ISSO combines deep knowledge of regulatory and cybersecurity frameworks with practical experience translating compliance requirements into operational security capabilities within cloud\-based environments.
As a security documentation technical writer and compliance strategist, the Sr. ISSO translates complex cloud engineering architecture(s) into clear, audit\-ready documentation, security artifacts, Standard Operating Procedures (SOPs), policies and procedures. The Sr. ISSO specializes in the deep interpretation of complex security controls (NIST SP 800\-53, NIST SP 800\-171, FedRAMP Ruleset(s) / Security Indicators, DoD Cloud Computing Security Requirements Guide (CC SRG), and SOC 2 Trust Services Criteria). This position oversees the authoring of robust security control implementation statements that accurately reflect the system's security posture while ensuring continuous audit readiness and Body\-of\-Evidence (BoE).
**Key Responsibilities**
========================
**ATO Readiness \& Compliance Leadership**
------------------------------------------
* Lead FedRAMP certification readiness and ongoing compliance activities, including security documentation, control validation, evidence collection, gap remediation, and assessment preparation.
* Lead DoD authorization readiness and ongoing compliance activities, including security documentation, control validation, evidence collection, gap remediation, and assessment preparation.
* Develop and maintain authorization artifacts (e.g., SSPs, POA\&Ms, Control Implementation Statements, Continuous Monitoring deliverables) supporting FedRAMP, DoD, SOC 2, and CMMC programs.
* Coordinate audits, readiness reviews, and third\-party assessments while serving as the primary liaison among internal stakeholders, assessors, auditors, consultants, customers, and government representatives.
* Track compliance objectives, remediation efforts, and regulatory changes to ensure organizational readiness and alignment.
* Partner with Engineering and DevOps teams to implemen
