Join our team at Core One! Our mission is to be at the forefront of devising analytical, operational and technical solutions to our Nation’s most complex national security challenges. In order to achieve our mission, Core One values people first! We are committed to recruiting, nurturing, and retaining top talent! We offer a competitive total compensation package that sets us apart from our competition. Core One is a team-oriented, dynamic, and growing company that values exceptional performance!
Core One is seeking Governance, Risk, and Compliance Analyst / Information System Security Officer (ISSO) to support our IC program. This position requires a TS/SCI w/ Poly clearance.
The GRC Analyst / Information System Security Officer (ISSO) is responsible for implementing and maintaining cybersecurity controls, ensuring compliance with federal regulations, and guiding information systems through the Customer’s A&A process. This role requires a deep understanding of federal cybersecurity standards, proactive engagement with stakeholders, and the ability to operate independently in a fast-paced environment.
REQUIRED QUALIFICATIONS - LEAD LEVEL:
- Active TS/SCI with Polygraph.
- Bachelor’s degree in Cybersecurity, Information Systems, or related field (or equivalent experience).
- 5+ years of experience in cybersecurity, governance, risk, compliance, or security engineering roles with at least 3 years working under Sponsor A&A guidelines.
- Direct experience with NIST RMF (NIST 800-53), ICD 503, FedRAMP, or CMMC assessment and authorization processes.
- Hands-on experience with developing/maintaining ATO packages, POA&Ms, and compliance artifacts.
- Working knowledge of vulnerability management, secure enclave architecture, boundary defense, and continuous monitoring.
- Strong written and verbal communication skills, with experience preparing compliance documentation for federal stakeholders.
- Ability to operate independently, manage multiple priorities, and engage effectively with diverse teams.
REQUIRED QUALIFICATIONS - PRINCIPAL LEVEL:
- Active TS/SCI with Polygraph.
- Bachelor’s degree in Cybersecurity, Information Systems, or related field (or equivalent experience).
- 8+ years of experience in cybersecurity, governance, risk, compliance, or security engineering roles with at least 5 years working under Sponsor A&A guidelines.
- Extensive experience with NIST RMF (NIST 800-53), ICD 503, FedRAMP, and other federal assessment and authorization processes.
- Demonstrated ability to lead the development and review of SSPs, SARs, POA&Ms, Risk Assessments, and Continuous Monitoring Plans.
- Expertise with vulnerability management tools (e.g., Nessus, Tenable.sc) and compliance scanning.
- Strong program/project management skills, particularly in audit preparation and compliance readiness.
- Proven ability to collaborate with cross-functional technical teams and engage with federal authorizing officials.
- Exceptional written and verbal communication skills, with experience producing customer-facing compliance documentation.
DESIRED QUALIFICATIONS:
- Knowledge of secure cloud and SaaS environments, including logging/monitoring, encryption, and access controls.
- Familiarity with DevSecOps, CI/CD, and container security practices.
- Experience administering Windows Server or Linux environments.
- Professional certifications such as CAP, NIST Cybersecurity Framework 800-53 Practitioner, NIST Cybersecurity Framework 800-171 Specialist, CISSP, CISM, relevant GIAC certifications, or CISA.
- Strong organizational and analytical skills with the ability to manage multiple projects in a fast-paced environment.
Core One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, or protected veteran status and will not be discriminated against on the basis of disability
Linked-in
Google