
[Contingent] Senior Information Security Analyst (ISSO)

Phia LLC
medical insurance, dental insurance, life insurance, vision insurance, paid time off, paid holidays, long term disability, 401(k)
United States, Virginia, Fairfax
11166 Fairfax Boulevard
May 14, 2026

DISCLAIMER: This position is in support of a current government proposal. Employment is contingent upon contract award to phia, LLC.

Status: Proposal - Contingent upon Award

Location: Hybrid - Washington, DC Metro Area

Schedule: Full-time | Core hours 0730-1600 EST, Monday-Friday

Focus Areas: ISSO, RMF/ATO, FISMA Compliance, Security Documentation, Privacy, Continuous Monitoring

OVERVIEW
phia is seeking an experienced Senior Information Security Analyst (ISSO) to provide dedicated ISSO support for a federal client's information systems. This role is responsible for developing, maintaining, and assessing Security Assessment & Authorization (SA&A) packages and supporting the ongoing security and compliance posture of federal IT systems.
You will serve as the primary ISSO for assigned federal information systems, managing the full SA&A documentation lifecycle, coordinating with system owners to maintain continuous compliance, and ensuring security artifacts accurately reflect the current state of each system you support.
WHAT YOU'LL DO
  • Serve as the primary ISSO for assigned federal information systems, maintaining comprehensive knowledge of each system's security posture, authorization boundary, and control implementation status.
  • Develop, maintain, and assess Security Assessment & Authorization (SA&A) packages leading to Authority to Operate (ATO): SSPP, SAR, POA&M, IRP, CP, CMP, IPA, PIA, MOU, ISA, and authorization documentation.
  • Coordinate with system owners and operations and maintenance (O&M) staff to ensure ongoing compliance with applicable federal security requirements and standards.
  • Support continuous monitoring activities: track control assessment schedules, review and update authorization packages based on system and environment changes, and report security posture to the Authorizing Official.
  • Develop and maintain Incident Response Plans and Procedures; coordinate with the client security operations center when security incidents are identified.
  • Prepare and maintain Contingency Plans (CP) and Configuration Management Plans (CMP) per applicable NIST standards.
  • Coordinate privacy documentation with records management and privacy officials: IPA, PIA, and SORN for systems processing PII.
  • Develop and track Plans of Action and Milestones (POA&M) for all identified security and privacy control weaknesses; ensure POA&Ms are accurate and do not improperly defer legally required controls.
  • Support annual FISMA and FISCAM audit activities: gather evidence, respond to auditor requests, and coordinate corrective actions.
  • Provide regular security posture status reporting on assigned systems.
WHO YOU ARE
  • ISSO: You have served as an ISSO in practice: you own your systems' security posture, understand their boundaries, and keep their SA&A packages current.
  • Documentation Expert: You produce SSPP, SAR, POA&M, IRP, CP, and CMP documentation that is accurate, complete, and government-ready without extensive rework.
  • Privacy-Aware: You recognize when a system triggers PII documentation requirements and know how to coordinate IPA and PIA processes with privacy officials.
  • Continuous Monitoring Practitioner: You understand federal ISCM strategies and can implement system-level monitoring plans that supplement agency requirements.
  • Organized: You manage multiple systems simultaneously, tracking authorization status, POA&M items, and upcoming assessment milestones across your portfolio.
  • Federal-Fluent: You have worked within a federal environment and understand FISMA, the Privacy Act, OMB A-130, and the practical realities of the government authorization process.
PREFERRED SKILLS
  • Prior ISSO experience supporting federal agency IT systems
  • Experience using federal authorization management platforms (e.g., JCAM) for package management and status tracking
  • Experience coordinating SORN submissions and PIA reviews with agency privacy officials
  • Experience supporting both on-premises and FedRAMP cloud system authorization packages
  • Familiarity with NIST SP 800-88 Rev. 1 media sanitization procedures
  • Experience with configuration management and change control processes in a federal environment
REQUIRED EDUCATION + EXPERIENCE
Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
Experience: 7+ years of cybersecurity expertise; 6+ years developing, maintaining, and assessing SA&A packages resulting in ATO for federal information systems
Certifications: Minimum one (1) of the following: CISA (ISACA), CRISC (ISACA), CISSP (ISC2), CGRC (ISC2)
Clearance: Public Trust / Suitability clearance required

GENERAL PROGRAM REQUIREMENTS

Citizenship: Must be a U.S. Citizen. No exception.

Work Hours: Full-time; Monday-Friday core hours 0730-1600 EST

Work Location: Hybrid - Washington, DC Metro Area; on-site presence required. Classified work must be performed at a government-designated facility on government-provided equipment.

Travel: Occasional travel may be required in support of this program.

Who We Are

phia LLC ("phia") is a Northern Virginia-based small business established in 2011 with a focus on Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, Information Assurance/Security, Compliance, Certification & Accreditation, Communications Security, Traditional Security, and Facilities Security. phia also provides cyber operations support functions, such as Program and Process Management, Engineering, Development, and Systems Administration, that allow Cyber Operations to efficiently integrate our customer's missions and objectives. phia supports various agencies and offices within the Department of Defense (DoD), the Federal government, and private/commercial entities.

phia offers excellent benefits to enhance work-life balance, including the following:

  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Life Insurance
  • Short Term & Long Term Disability
  • 401k Retirement Savings Plan with Company Match
  • Paid Holidays
  • Paid Time Off (PTO)
  • Tuition and Professional Development Assistance

phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in the provision of employment opportunities and benefits.
