Information System Security Officer (ISSO)
About The Position
ASSYST's Information Assurance and Cyber Security Practice is seeking a mid level Information Systems Security Officer (ISSO) to support our Federal Program. ASSYST is currently managing Cyber initiatives for various customers including Federal, State, and Local governments. Our end-to-end services cover architecture, design, policy, monitoring, detection, remediation, compliance, awareness, and training. Primary Job Responsibilities: Respond to crisis or urgent situations within the system to mitigate immediate and potential threats. Use mitigation, preparedness, and response and recovery approaches, as needed, to maximize information security. Oversee, evaluate, and support the documentation, validation, and accreditation processes necessary to assure that IT systems meet the organization’s security requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Provide security advice and recommendations to leadership and staff based on NIST and FIPS guidelines Analyze system security assessment reports. Develop estimates of the security risks associated with deployment of new technologies. Use defensive measures and information collected from a variety of sources to identify, analyze, and report events
Requirements
- Professional experience supporting information security/assurance programs, policies, processes, and procedures per various security frameworks/laws/standards/directives, e.g.: FISMA; OMB directives; Presidential Directives; NIST (SP-800 series; FIPS); HIPAA of 1996; Privacy Act
- Must have comprehensive knowledge of the FISMA and FEDRAMP
- In-depth knowledge of the NIST SP 800 series documents
- In-depth knowledge of the 800-53 security control requirements and standard methods for implementing them
- Practical knowledge of IT System contingency planning
- Understanding of risk assessment and risk management concepts
- Good understanding of continuous monitoring and continuous authorization concepts
- Good understanding of protection of PII and PIA concepts
- Expert use of MS Office, especially Word, PowerPoint and Outlook
- Good ability to articulate technical concepts, especially in the review process
Responsibilities
- Respond to crisis or urgent situations within the system to mitigate immediate and potential threats.
- Use mitigation, preparedness, and response and recovery approaches, as needed, to maximize information security.
- Oversee, evaluate, and support the documentation, validation, and accreditation processes necessary to assure that IT systems meet the organization’s security requirements.
- Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
- Provide security advice and recommendations to leadership and staff based on NIST and FIPS guidelines
- Analyze system security assessment reports.
- Develop estimates of the security risks associated with deployment of new technologies.
- Use defensive measures and information collected from a variety of sources to identify, analyze, and report events
Benefits
- We are proud to offer a robust benefits package including medical, dental, vision, 401(k) retirement plan, disability insurance, flexible spending accounts and more in order for our employees to maintain a secure work/life balance.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
