Careers - Metronome


Every individual has unique passions, career goals, and personal values. We are here to make the connection between those and the needs of our customers. When the stars align, we welcome our new employees - or Pulsers as we like to call them - to the family. We offer competitive benefits to ensure that our Pulsers are well taken care of for whatever comes their way.

Information System Security Officer (ISSO)

Job Title
Information System Security Officer (ISSO)
Requirement ID
Alexandria,  VA
Other Location

The Information System Security Officer (ISSO) will manage overall security related policies, procedures, laws and regulations; create, document and implement various security plans and compliance documents to enforce Information Assurance principles.

Duties Include:

  • Develop, maintain and manage Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, and other relevant security documentation for existing and new systems
  • Conduct both technical and non-technical internal audits and testing to validate system and operational requirements compliance
  • Use workflows to develop security artifacts
  • Document, organize and implement security control requirements
  • Identify current and new risks
  • Prepare vulnerability test plans and coordinate the testing and result procedures
  • Assess customer based solutions and provide recommendations for any improvements to current security posture
  • Ability to review and write security related policies and procedures
Required Skills

• Bachelors Degree in Computer Science, IT or Information/Cyber Security
• Minimum of 5+ years of experience as an ISSO supporting major federal information systems/applications

• Experience with auditing security controls and financial processes
• Superior writing, communication and critical analysis skills
• Proficient with Information Assurance, Information Technology and Information Management concepts, processes and procedures

Advanced Experience/Proficiency with the following:
• NIST SP 800-37 Risk Management Framework security assessment and authorization (A&A) processes
• NIST 800-53 security controls and required documentation
• Security controls (i.e. NIST SP 800-53, FISCAM, etc.) assessments in support of FISMA, A-123 and annual self-assessment initiatives
• Federal Risk and Authorization Management Program (FedRAMP) for authorization of cloud services
• Enterprise Logging System to conduct regular reviews of audit logs (operating system, application, database, etc.) for security anomalies and compliance with applicable policies and procedures
• POA&M Management and Risk Management Framework (RMF)
• Reviewing operating system, application, and database security baseline configuration documentation to ensure compliance with agency hardening guidelines
• Reviewing proposed change requests related to system design / configuration and performing a security impact analysis to provide approval or denial recommendations
• Reviewing vulnerability scan results

• ISC2 Certified Authorization Professional (CAP) and ISC2 Certified Information System Security Professional (CISSP) certification or CompTIA Certified Advanced Security Practitioner (CASP+)

Active US Government Security Clearance Required.
Optional Skills

• ISC2 Certified Cloud Security Professional certification (CCSP)
• Familiar with IT system administration/engineering

An Equal Opportunity Employer: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. Metronome is committed to providing reasonable accommodations to employees and applicants for employment, to assure that individuals with disabilities enjoy full access to equal employment opportunity (EEO). Metronome shall provide reasonable accommodations for the known physical or mental limitations of qualified employees and applicants with disabilities, unless Metronome can demonstrate that a particular accommodation would impose an undue hardship on business operations. Applicants requesting a reasonable accommodation may make a request by contacting us.