We're Hiring!

---

The Senior ISSO provides expert leadership in Assessment & Authorization (A&A) and Risk Management Framework (RMF) activities. They oversee system security compliance, conduct advanced risk assessments, lead audits, and guide program stakeholders through the accreditation process while mentoring junior staff.

Requirements:

Certification: CISSP (required)

Experience: 7+ years in cybersecurity or information assurance with at least 5 years performing ISSO/A&A duties

The Mid ISSO supports system security compliance by conducting security control assessments, preparing A&A documentation, and assisting with system audits. They work closely with system owners to implement security controls, support continuous monitoring, and ensure compliance with federal and industry standards.

Requirements:

Certification: CGRC, Security+ (at least one required)

Experience: 3–5 years in cybersecurity or information assurance, with experience in A&A processes

The Senior SCA leads security assessments across FedRAMP, hybrid, and CMMC environments. They validate security controls, perform in-depth risk analysis, and produce final assessment reports for authorization decisions. They also mentor junior assessors, and ensure assessment quality aligns with NIST, FedRAMP, and DoD standards.

Requirements:

Certification: CISSP, CISA  (required)
Experience: 7+ years in cybersecurity with 5+ years conducting security control assessments

The Mid-level SCA performs security control validations for FedRAMP-authorized systems, CMMC environments, and hybrid infrastructures. They execute test procedures, analyze evidence, and prepare security assessment reports. They work closely with Senior SCAs to ensure compliance and recommend remediation steps.

Requirements:

Certification: CISA, CGRC, Security+ (at least one required)
Experience: 3–5 years in cybersecurity with direct experience in control assessments or audits