Federal Information Systems Security Officer (ISSO)

Washington, D.C
Aug 17, 2022
Aug 25, 2022
Full Time

As the Federal Information Systems Security Officer (ISSO) for the Department of Homeland Security (DHS) Office of the Chief Information Officer (OCIO) , IT Operations Directorate (ITO), you will serve as a principal advisor to major system and support application owners across Federal Government. You will also consult and advise the DHS Executive of ITO, Chief Information Security Officer, and Information Systems Security Managers (CISO/ISSM) on all related matters.

As a DHS Cybersecurity Service Employee in the Technical Track, at the Staff Cybersecurity Specialist level, you will continually maintain and share your expert/resident-level expertise in either Risk Management and Compliance or Vulnerability Assessment to perform a range of critical, routine and non-routine tasks, including
  • Ensuring security requirements and protective measures and countermeasures for major applications or general support systems are met.
  • Assisting in the development of systems security policy that impact DHS and federal government.
  • Coordinating with external agencies and assisting in the preparation of interagency security agreements (ISAs) to ensure all connections meet security requirements and are documented in the Security Plan, Risk Assessment, and all related operating procedures.
  • Facilitating requests and completion for certification and accreditation of computer systems in accordance with published procedures.
  • Ensuring compliance with all legal requirements concerning the use of commercial proprietary software (e.g., copyrights and site licenses).
  • Maintaining an inventory of hardware and software within a program and development office or field site facility.
  • Gathering essential information related to critical, unusual, or irregular cybersecurity challenges to coordinate development of contingency plans and ensure plans are regularly tested and maintained.
  • Overseeing or facilitating risk analyses to determine cost-effective and essential safeguards.
  • Ensuring preparation of highly effective security plans for sensitive systems and networks based on insights about both long-and short-term implications.
  • Attending security awareness and related training programs and distributing security awareness information to the user community as appropriate.
  • Reporting IT security incidents in accordance with established procedures.
  • Providing key technical input to appropriate IT security personnel and organizational leaders to prepare reports to higher authorities concerning sensitive and/or national security information systems.
  • Supporting leadership with decision-making and actions related to future planning and policy needs.

Depending on their career level, DHS Cybersecurity Service employees with a technical capability in Cybersecurity Risk Management and Compliance will generally apply their expertise to:
  • Oversee, evaluate, and supports the documentation, validation, assessment, and authorization processes necessary to ensure that existing and new information technology systems meet the Department's cybersecurity and risk requirements, and provide decision makers with the knowledge to make well-informed risk decisions.
  • Ensure that strategic considerations drive investment and operational decisions with regard to managing risk to organizational operations (including mission, function, image and reputation), organizational assets, individuals, other organizations (collaborating or partnering with federal agencies and contractors) and the nation.
  • Understand and utilize the NIST series of documents.

Depending on their career level, DHS Cybersecurity Service employees with a technical capability in Vulnerability Assessment will generally apply their expertise to:
  • Conduct assessments of threats and vulnerabilities on networks/systems software and hardware and develops and recommends appropriate mitigation countermeasures.
  • Develop and conduct tests of systems to evaluate compliance with specifications and requirements in accordance with policy, benchmarks, and industry best practices, by validating technical, functional, and performance characteristics of systems or their elements.
  • Coordinate and align with program offices and various stakeholders.
Visit Resources for more information about DHS Cybersecurity Service technical capabilities.


Conditions of Employment

  • You must be a U.S. Citizen or national.
  • You must be 18 years of age.
  • Must be registered for the Selective Service (if you are a male).
  • Must be able to obtain and maintain a Top Secret security clearance.
  • Must be able to submit to a drug test and receive a negative result.
  • Must be able to comply with ethics and standards of conduct requirements, including completing any applicable financial disclosure.
  • May be required to serve a 3 year probationary period.
  • In limited circumstances, DHS may consider remote applicants.


This position is in the Technical Track at the Staff Cybersecurity Specialist career. At this level, individuals generally:
  • Have 8+ years of cybersecurity work experience
  • Are capable of serving as a resident cybersecurity expert who applies significant technical expertise to develop solutions for critical, non-routine challenge

DHS Cybersecurity Service employees start at career levels and salaries matching their experience and expertise. In recruiting for this opportunity, DHS may hire employees at higher or lower career levels and associated salaries.

When you submit your application, you will have the opportunity to select which of the following 2 capabilities is your primary technical capability-reflecting your primary area of expertise that you would apply on the job:
  • Vulnerability Assessment
  • Cybersecurity Risk Management and Compliance

DHS Cybersecurity Service jobs are structured cybersecurity specializations - called technical capabilities. To learn more about technical capabilities, visit our application portal .

  • Certified Authorization Professional (CAP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)


Degrees are not required for jobs in the DHS Cybersecurity Service, but DHS is interested in your level of education and the topics you studied. As you submit initial application information, you will be asked questions about your education.

Additional information

Salary: Listed salary ranges reflects typical starting salaries available to employees in most of the United States across applicable career levels. Within the provided range, average salaries vary for each career level.
  • Staff Cybersecurity Specialist: $128,250 - $141,750
In some geographic areas, average starting salaries will be higher because of a local cybersecurity labor market supplement (e.g., metro Washington, D.C. +10%).

Actual salaries of individual employees may be higher or lower than provided figures. For an overview of the salaries available in the DHS Cybersecurity Service, visit Resources .

Benefits: DHS Cybersecurity Service employees receive a range of federal employment benefits designed to support their professional and personal lives. To learn more about benefits, visit our application portal .

More information about the specific benefits available to you will be provided as you progress through the application process.

Background Investigation: To ensure the accomplishment of its mission, the Department of Homeland Security (DHS) requires each and every employee to be reliable and trustworthy. To meet those standards, all selected applicants must undergo and successfully complete a background investigation for a security clearance as a condition of placement in this position. This review includes financial issues such as delinquency in the payment of debts, child support and/or tax obligations, as well as certain criminal offenses and illegal use or possession of drugs.

Pursuant to Executive Order 12564 and DHS policy, DHS is committed to maintaining a drug-free workplace and, therefore, conducts random and other drug testing of its employees in order to ensure a safe and healthy work environment. Headquarters personnel in safety- or security-sensitive positions are subject to random drug testing and all applicants tentatively selected for employment at DHS Headquarters are subject to drug testing resulting in a negative test result.