Information Assurance Engineer/Information System Security Officer (DoD Secret Clearance)

MartinFed•Washington, DC

About The Position

The IA Engineer/ISSO plays a critical role in ensuring the confidentiality, integrity, and availability of sensitive information and systems within government agencies. This position involves designing, implementing, and managing robust security solutions to safeguard digital assets and mitigate cyber threats. The IA Engineer/ISSO collaborates closely with various teams, including IT professionals, security analysts, and management, to uphold the highest standards of cybersecurity in alignment with government regulations and industry best practices.

Requirements

Bachelor's degree in Computer Science, Information Technology, or a related field.
Relevant industry certifications such as CISSP, CISM, CISA, CompTIA Security+, or GIAC certifications.
Proven experience in information security engineering, preferably in a Federal Government Agency or regulated environment.
Strong understanding of cybersecurity frameworks, standards, and regulations (NIST, FISMA, etc.).
Knowledge of security technologies, including firewalls, intrusion detection/prevention systems, SIEM, encryption, and authentication protocols.
Excellent problem-solving skills and the ability to think critically in high-pressure situations.
Strong interpersonal skills and the ability to work effectively in cross-functional teams.
Exceptional communication skills, both written and verbal.
Holds at least an active Public Trust
Ability to obtain and maintain a Secret security clearance

Responsibilities

Provide support for the development of policies, standards, instructions, procedures, strategies, and communications relative to the customer's mission.
Provide services in accordance with NIST 800-37, NIST 800-53, FISMA of 2014, and organization-level policies, directives, and guidelines.
Security Infrastructure Design and Implementation: Design and deploy comprehensive security measures to protect information systems, networks, and applications.
Develop and implement security architectures, policies, standards, and procedures that align with federal regulations and guidelines.
Assessment Support: Conduct regular assessments and audits to identify potential vulnerabilities and security gaps in systems and applications.
Ensure compliance with federal regulations, standards, and guidelines, such as NIST, FISMA, and FedRAMP.
Collaborate with relevant teams to prioritize and address identified vulnerabilities in a timely manner.
Incident Response and Reporting: Participate in incident response activities to effectively handle and mitigate security incidents and breaches.
Contribute to the development and testing of incident response plans and playbooks.
Continuous Monitoring: Utilize security tools and technologies to monitor network traffic, detect anomalies, and investigate potential security incidents to ensure continuous secure operations.
Analyze security logs, reports, and data to identify patterns and trends indicative of unauthorized activities.
Support internal and external audits related to information security and assist in remediation efforts.
Plan of Action and Milestones (POA&M) Management: Create, manage, and report on POA&Ms for customer information systems.