Information System Security Officer (ISSO)

  • Full-time

Company Description

Founded in 2017 and headquartered in Manassas, Virginia, Toomey Technologies is an SBA-certified HUBZone & Woman-Owned Small Business that provides customer-focused professional services and solutions. Our aim is to leverage our knowledge and skills to work with our clients, offering professional and impartial advice.

Job Description

Immediate opening for an experienced ISSO to support our client. You will be part of a team ensuring that security requirements for information systems meet FISMA and agency requirements. The ISSO will work closely with the Information Assurance teams including Assessment teams, Compliance and Risk Management.

The ISSO is responsible for maintaining and enforcing all Information System Security policies, standards, and directives to ensure assessment and authorization of information systems processing classified information. 

  • Work with Information Assurance Engineers and other cyber security personnel to identify, implement, assess, and manage cyber security capabilities and services 
  • Develop and update security authorization packages in accordance with the client’s requirements and in compliance with FISMA. Core documents that the candidate will be responsible for are the System Security Plan, Risk Assessment Report, Security Assessment Plan and Report, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan.
  • Develop and maintain the Plan of Action and Milestones and support remediation activities.
  • Validate that protective measures for physical security are in place to support the system's security requirements.
  • Maintain an inventory of hardware and software for the information system.
  • Develop, coordinate, test, and train on Contingency Plans and Incident Response Plans.
  • Perform risk analyses to determine cost-effective and essential safeguards.
  • Support Incident Response and Contingency activities.
  • Able to perform security control assessment using NIST 800-53A guidance.
  • Support remediation actions associated with findings from inspections and evaluations 
  • Support efforts to ensure that systems, networks, and data users are aware of, understand, and adhere to system security policies and procedures 
  • Support various compliance reports for dormant accounts, account configurations, Active Directory group policies, server configurations, etc.
  • Work with system engineers and administrators to develop corrective action plans from internal and external audits. 
  • Perform routine self-assessment audits to ensure compliance with agency and federal security requirements.  
  • Provide tracking, coordination, and reporting for required cyber security training activities.
  • Review and develop system security plans and other required security documentation as required.  
  • Perform vulnerability assessment scans or interpret results of scans and track mitigation actions and progress of system engineers and administrators. 
  • Perform certification and accreditation activities as required to ensure assigned systems remain accredited and risk is managed to an acceptable level.  

Qualifications

  • Bachelor’s degree in a related field or technical discipline, or equivalent work experience  
  • Active Secret Clearance
  • 5+ years’ experience in similar roles within the DoD or Federal Government
  • One of the following DoD 8570.01-M IAT Level II certifications: CCNA Security, GICSP, GSEC, Security+, CND, or SSCP
  • The ISSO should have exceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills and ability to lead/mentor teammates 

Additional Information

U.S. Citizenship and an active Secret Clearance are required.

Position is on-site for the first 30 days and then a hybrid schedule of 3 days on-site, 2 days remote.

You can expect to hear back from us either way within 5 business days. Be sure to keep an eye on your spam or junk folders in case our emails end up in there! Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process.

Toomey Technologies is committed to creating a diverse environment and is proud to be an equal opportunity employer. At Toomey we don't just accept differences — we support them, celebrate them, and as a company, we thrive on them. We celebrate diversity and are committed to creating an inclusive environment for all employees.  We actively look for and hire people who bring new perspectives and experiences to our company. All qualified applicants will receive consideration for employment without regard to race, religion, gender, disability, age, or veteran status.