Information System Security Officer 
It is a time of excitement and opportunity at BCT Partners - a great moment to join our team! We are seeking an experienced Information System Security Officer for our growing Technology line of business.  
 
About BCT 
We solve complex social problems. 
 
BCT is a management consulting firm that tackles complex social problems through data analytics, equity-centered solutions and program management. We believe complex issues are best solved through collaboration. As a result, we employ a multidisciplinary approach that combines domain expertise, research, evaluation, technology, organizational development, and a passion for change. 
 
To learn more about how we live our values of Ubuntu (“I am because we are”) and our mission to harness the power of diversity, insights, and innovation to transform lives, accelerate equity, and create lasting change, go to our website and follow us on social media. 
https://www.bctpartners.com/ 
  

 
About the Information System Security Officer 
The Information System Security Officer (ISSO) will oversee the security of ACL’s information systems, ensuring compliance with federal regulations and industry standards. This role involves developing, implementing, and maintaining security policies, procedures, and controls to protect sensitive data and prevent unauthorized access, data breaches, and other security threats. The ISSO will work closely with system owners, development teams, and external auditors to manage security risks, conduct vulnerability assessments, and ensure continuous monitoring of the systems.Additionally, the ISSO will play a key role in the certification and accreditation process, including the development of Assessment and Authorization (A&A) packages and maintaining Authority to Operate (ATO) status. This position requires strong leadership skills, a deep understanding of information security principles, and the ability to manage multiple security projects effectively. The ISSO will ensure that all security measures are in line with the National Institute of Standards and Technology (NIST) guidelines, Federal Information Security Modernization Act (FISMA) requirements, and other relevant regulations.The ideal candidate for the Information System Security Officer (ISSO) role is a seasoned security professional with over 10 years of experience in information system security management. This individual possesses a bachelor’s degree in computer science, Information Security, or a related field, and holds certifications such as CISSP or CISM. They will have extensive experience with Security Assessment and Authorization (A&A) processes and maintaining Authority to Operate (ATO) status. They demonstrate a strong understanding of federal security frameworks and standards, including FISMA, NIST SP 800-53, and FedRAMP, and are adept at conducting vulnerability assessments and managing security risks using SCAP-compliant automated tools. Additionally, they must be proficient in providing security training and fostering a culture of security awareness and continuous improvement within the organization. They are committed to maintaining high standards of cybersecurity, user experience, and accessibility, ensuring all changes adhere to Section 508 compliance and support the teams’ goals.Key Responsibilities Include: 

• Develop, implement, and maintain security policies, procedures, and controls to protect ACL’s information systems.  
• Oversee the certification and accreditation process, including the development of A&A packages and maintaining ATO status.  
• Conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks.  
• Ensure compliance with federal regulations, including FISMA, NIST SP 800-53, and FedRAMP requirements.  
• Collaborate with system owners, development teams, and external auditors to manage security risks and ensure the effectiveness of security controls.  
• Monitor the security posture of ACL’s information systems and provide detailed reports on risks, vulnerabilities, and compliance status.  
• Manage incident response activities, conduct forensic investigations, and implement corrective actions to prevent future incidents. 
• Develop and maintain security documentation, including System Security Plans (SSP), Security Assessment Plans (SAP), and Plan of Actions and Milestones (POA&M).  
• Provide security training and awareness programs for all staff and ensure compliance with HHS security training policies.  
• Support continuous monitoring of information systems and ensure compliance with Information Security Continuous Monitoring (ISCM) requirements.  

What you bring to the table: 

• 7 years of experience as ISSO.  
• Bachelor’s degree in Computer Science, Information Security, or a related field.  
• Experience with Security Assessment and Authorization (A&A) and ATOs.  
• Proven experience as an Information System Security Officer or in a similar role, with a focus on information systems security.  
• Strong understanding of security frameworks and standards, including FISMA, NIST SP 800-53, and FedRAMP.  
• Experience with vulnerability assessment and management tools, such as SCAP-compliant automated tools.  
• Proficiency in security incident response and forensic investigation techniques.  
• Certifications such as CISSP, CISM, or equivalent are preferred.  
• Experience with secure coding practices and software development lifecycle (SDLC) security.  
• Familiarity with modern cloud technologies and architectures, including containerization and microservices.  

BCT offers a competitive total compensation package that, for this position includes a base annual salary range of $125,000 - $135,000 (based on qualifications), along with a generous benefits package.  BCT’s benefits include heavily subsidized medical, dental and vision coverage, fully vested 401k plan with company match, company paid life and disability insurance plans, a strong work-life balance/time-off structure. 
 
This is a remote position, located in any of the fifty United States or Washington, DC. BCT Partners works primarily on Eastern Time, though we do have staff in all four time zones.  We support and encourage a strong staff community, leveraging virtual communication tools and collaborative work practices. The African philosophy of Ubuntu (“I am because we are”) is an overarching value that influences our leadership and interactions.  
 

BCT Partners is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, military and or/ veterans status, or any other federal or state legally protected class. BCT Partners will not discriminate against persons because of their disability, including disabled veterans, and will make reasonable accommodations for known physical or mental limitations of qualified employees and applicants with disabilities. If you are interested in applying and require special assistance or accommodation due to a disability, please contact our Human Resources Department.

Powered by JazzHR

Apply Here



Apply Here: https://www.click2apply.net/dWV2d5UOZmkk5CBJNHaaN2

PI242623860