Information System Security Officer (ISSO)
ERT•Suitland, MD
49d•$66,000 - $242,000•Hybrid
About The Position
ERT is seeking an Information System Security Officer (ISSO) to support work at the NOAA National Environmental Satellite Data and Information Service (NESDIS) Office of Satellite and Product Operations (OSPO). This position will serve as the Alternate ISSO to the Federal ISSO, providing management and oversight of daily security operations, and principal IT security advisor to the System Owner.
Requirements
- Implementation and monitoring of information system compliance with Federal, NIST, Department of Commerce (DOC), NOAA, NESDIS, and OSPO (Office of Satellite and Product Operations) information security control policies and procedures, ensuring industry and/or U.S. Federal government best practices are followed.
- Development, management, and maintenance of the entire core documents package (including, but not limited to the System Security Plan (SSP), FIPS 199, FIPS 200, and Contingency Plan).
- Ability to lead successful collaboration between system administrators and independent assessors in order to generate quality artifacts during annual security controls assessments.
- Maintenance of the security authorization package in the Cyber Security Assessment and Management (CSAM) system.
- Conducting Security Impact Analysis (SIA).
- Coordination with network and system support personnel to ensure software, firmware, and security updates are applied to components within deadlines.
- Planning, management, and execution of weekly, monthly and quarterly vulnerability scans.
- Analysis of monthly and vulnerability scan results, Security Controls Assessment (SCA) results, and penetration test results and corresponding remediation plans.
- Development, management, and maintenance of POA&Ms in CSAM.
- Planning, execution, and documentation of continuous monitoring activities.
- Planning, coordination, management, and oversight of implementation NOAA/NESDIS/OSPO standard technologies such as ArcSight, BigFix, Axonius, and Tenable Security Center.
- Must possess knowledge of cloud (AWS) security tools.
- CISSP certification required; CGRC, or CEH certifications preferred.
- Must be a US Citizen or Permanent Resident who has lived in the United States at least 3 out of the last 5 years and be able to pass a background investigation to obtain a security badge to access applicable government facilities and systems.
Nice To Haves
- CGRC certification
- CEH certification
Benefits
- Medical, Rx, Dental, and Vision Insurance
- 401(k) retirement plan with company-matching
- 11 Paid Federal Government Holidays
- Paid Time Off (PTO)
- Basic Life & Supplemental Life
- Health Savings Account, Flexible Spending and Dependent Care Flexible Spending Accounts
- Short-Term & Long-Term Disability
- Employee assistance program (EAP)
- Tuition Reimbursement, Personal Development & Learning Opportunities
- Skills Development & Certifications
- Professional Membership Reimbursement
- Employee Referral Program
- Competitive compensation plan
- Discretionary variable incentive bonuses based on factors such as individual performance, business unit performance, and/or the company’s performance
- Publication and Conference Presentation Awards with bonuses
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
1,001-5,000 employees
