Enterprise Information Services, Inc.

  • Information Systems Security Officer

    Job Location US-DC
    # of Openings
    Targeted Job Start Date
  • Overview

    The ISSO is the senior information security professional for the Federal Highway Administration (FHWA) Information Technology Support Services III (FITSS-3) contract. The ISSO is responsible defining, creating and maintaining the documentation for certification and accreditation of each information system in accordance with FHWA and government requirements. The ISSO assesses the impacts on system modifications and technological advances.



    • Research, develop, implement, test and review an organization's information security in order to protect information and prevent unauthorized access.
    • Inform users about security measures, explain potential threats, install software, implement security measures and monitor networks.
    • Ensuring systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan.
    • Ensuring that all users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before granting access to the IS.
    • Reporting all security-related incidents to the Information Systems Security Manager (ISSM).
    • Initiating, with the approval of the ISSM, protective or corrective measures when a security incident or vulnerability is discovered.
    • Developing and maintaining System Security Plans (SSP).
    • Conducting periodic reviews to ensure compliance with the SSP.
    • Ensuring Configuration Management (CM) for security-related IS software, hardware, and firmware is maintained and documented.
    • Ensuring that system recovery processes are monitored to ensure that security features and procedures are properly restored.
    • Ensuring all IS security-related documentation is current and accessible to properly authorized individuals.
    • Formally notifying the ISSM and Authorizing Official when changes occur that might affect accreditation.
    • Ensuring that system security requirements are addressed during all phases of the system life cycle.
    • Following procedures developed by the ISSM, authorizing software, hardware, and firmware use before implementation on the system.


    • BS/BA in Computer Science, Information Systems, Software Engineering or other related analytical, scientific or technical discipline.
    • US Citizenship and able to pass a government background for a Public Trust Clearance.
    • CISSP Certification required.
    • Ten (10) years experience in IT security, including C&A and/or IT security risk analysis, preferably in support of the Federal Government.
    • At least one (1) year C&A, DoD information Technology Security Certification and Accreditation Process (DITSCAP) and/or Do It Yourself Vulnerability Assessment Program (DITYVAP) experience.
    • ITIL Foundation certified preferred.
    • Experience in all aspects of information technology including application development, operations, IT security, service desk, network, telecommunications, and end user services;
    • Demonstrated experience in meeting project milestones within funding parameters.
    • Demonstrated experience in solving complex problems.
    • Demonstrated experience with Microsoft Project.
    • Demonstrated communication experience to include oral, written, and formal presentation skills.
    • Knowledge of Federal Government C&A practices and policies, particularly FISMA, NIST SP 800-53, and DHS 4300.
    • Experience with C&A tools preferred, such as RMS, TAF / Trusted Agent FISMA, vulnerability assessment scan reports, etc.
    • Effective written and oral communication skills.

    EIS is an Equal Opportunity Employer/M/F/V/Disabled


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed