ICF is seeking an Information Systems Security Officer (ISSO) to support the United States Department of Health and Human Services (HHS) in the Washington, DC area. The ISSO is responsible for ensuring that the security and privacy posture is maintained for organizational system(s) and works in close collaboration with the system owner. The ISSO also serves as a principal advisor on all matters, technical and otherwise, involving the controls for the system(s). The ISSO has the knowledge and expertise to manage the security and privacy aspects of organizational systems and, in many organizations, is assigned responsibility for day-to-day system security operations. This responsibility may also include, but is not limited to, physical and environmental protection; personnel security; incident handling; and security and privacy training and awareness.Responsibilities include:Propose, coordinate, implement and enforce HHS information systems security policies, standards, and methodologiesServe as a focal point for IT security and privacy incident reporting and subsequent resolutionDraft and maintain security policy documentation in support of the Risk Management FrameworkEnsure that security-related documentation at each phase of the HHS Enterprise Performance Lifecycle (EPLC) meets all identified security needsCoordinate with organization configuration management (CM) for information system security software, hardware, and firmware updatesMaintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgradesEnsure that IT security notices and advisories are distributed to appropriate personnel and that vendor-issued security patches are expeditiously installedTrack security education and awareness training conducted for personnel and contractors, as appropriateProvide CM for security-relevant information system software, hardware, and firmwareDevelop system security policy and ensure complianceMaintain operational security posture for an information system or programDevelop and update the system security plan and other cybersecurity documentationAssist with the management of security aspects of the information system and perform day-to-day security operations of the systemAssist with assessment, development and implementation of programs and controls set in place to preserve the integrity and security of sensitive data and information stored and processed by various network systemsAssist with prevention of data breaches and unauthorized access to information systemsPerform cybersecurity system management functionsReview information security systems and recommend improvements/solutions.Required Qualifications:Bachelor's Degree in Information Assurance, Cybersecurity, Computer Science, Information Systems, Engineering or other related disciplineMinimum 3 years of ISSO experienceCertified Systems Security Professional (CISSP) or other widely recognized cybersecurity professional certificationThorough knowledge of network security concepts with application knowledge of various enterprise security point technologies, managed security services, Security Information and Event Management solutions, packet analysis tools, cryptography and Active Directory / Kerberos authentication protocolDeep technical understanding of core current cybersecurity technologies as well as emerging capabilitiesDemonstrated experience working in large Federal agency preferably in HHSPossess the knowledge of security best practices, security solutions, and methodologies for risk managementDemonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).Demonstrated advanced knowledge of industry accepted standardsExperience with governance, risk, and compliance tools like eMASS, Archer, Xacta, etc.Minimum 2 years intrusion detection and/or incident handling experience Working at ICF Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you're seeking to make a difference in the world, visit www.icf.com/careers to find your next career. ICF-together for tomorrow.We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO & AA policy .COVID-19 Policy: New or prospective US employees must provide proof of complete vaccination on the date of their commencement of employment. If selected for employment, you will provide proof of your full vaccination status, defined as vaccinated two weeks after receiving the requisite number of doses of a COVID-19 vaccine approved or authorized for emergency use by the FDA.Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email icfcareercenter@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement . Washington, DC (DC02)