Cyber Security Specialist ISSO ISSE Lead

Diverse Systems Group LLC•Fort Belvoir, VA

About The Position

Diverse Systems Group, LLC is seeking a skilled and motivated Cyber Security Specialist (ISSO/ISSE) Lead who will be responsible for overseeing the cybersecurity team while identifying shortfalls in the assessment and authorization process, tracking and managing Risk Assessments, assisting in implementing a Risk Management strategy and tying together the business continuity of operations plan (COOP) and the IT COOP plans for the Defense Acquisition University (DAU) located at Alexander T. Augusta Military Medical Center (ATAMMC). Job Summary: Provide leadership and guidance to the cybersecurity team, fostering a culture of excellence, collaboration, and innovation. Manage the organization’s Risk Management Plan implementation through the identification of various types of risk, potential mitigation strategies, and potential impact to the organization. Manage identified risks and track response actions to ensure they support the organization’s Risk Management Strategy and are properly documented in a risk registry Schedule, conduct, and track RMF validations for each DAU IT Portfolio. Optimize and enhance the review of security controls, as part of a risk assessment, as needed to support an Authorization To Operate (ATO) of an Investment Review vulnerabilities and identify potential risks based on the type of vulnerability and the potential impact. Identify actions needed to protect information flows to ensure adherence to legal and regulatory standards. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a digital risk event. Facilitate and support the development of asset inventories, including digital assets in cloud services and in other parties in the organization’s ecosystem. Track open vulnerabilities and provide a status on each open risk for each IT Portfolio / Investment. Ensure POAM is current and reflects all known weaknesses. Other duties as assigned

Requirements

In-depth knowledge of cybersecurity principles, technologies, and best practices.
Strong understanding of security frameworks and regulatory requirements (e.g., NIST, ISO, GDPR, HIPAA).
Excellent analytical, problem-solving, and communication skills.
Ability to work effectively under pressure and prioritize tasks in a fast-paced environment.
Strong leadership skills with the ability to motivate and mentor team members.
3 - 10 years’ experience using NIST Standards and the Risk Management Framework for DoD Information
Technology process to bring systems into compliance with current DOD-level Cybersecurity and security policies
prior to granting approval to implement these upgrades.
• 3 - 5 Years experience using security tools such as HBSS, ACAS, eMASS.
Must meet DOD IA Workforce requirements at the IAT – I level (i.e. security+)
Must be eligible to obtain and maintain a Public Trust clearance

Responsibilities

Provide leadership and guidance to the cybersecurity team, fostering a culture of excellence, collaboration, and innovation.
Manage the organization’s Risk Management Plan implementation through the identification of various types of risk, potential mitigation strategies, and potential impact to the organization.
Manage identified risks and track response actions to ensure they support the organization’s Risk Management Strategy and are properly documented in a risk registry
Schedule, conduct, and track RMF validations for each DAU IT Portfolio.
Optimize and enhance the review of security controls, as part of a risk assessment, as needed to support an Authorization To Operate (ATO) of an Investment
Review vulnerabilities and identify potential risks based on the type of vulnerability and the potential impact.
Identify actions needed to protect information flows to ensure adherence to legal and regulatory standards.
Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a digital risk event.
Facilitate and support the development of asset inventories, including digital assets in cloud services and in other parties in the organization’s ecosystem.
Track open vulnerabilities and provide a status on each open risk for each IT Portfolio / Investment. Ensure POAM is current and reflects all known weaknesses.
Other duties as assigned