Information System Security Officer
About The Position
XPECT Solutions, LLC has built a strong reputation by supporting our clients in meeting their strategic goals and mission objectives. We provide high quality resources for a wide range of IT and security solutions at best-value pricing. Our success is built on a solid foundation of well-vetted, highly technical personnel, a disciplined project management approach, and an overarching commitment to customer service. We develop, test, deploy, and support exceptional solutions that enhance system functionality, while maximizing reliability and availability, and ensure the tightest security. XPECT Solutions is looking for a dynamic and talented Information System Security Officer (ISSO) to support our customer's mission critical work in Washington, DC. The ISSO serves as the principal advisor to the Information System Owner (SO) and Information System Security Manager (ISSM) on all matters, technical and otherwise, involving the security of an information system.
Requirements
- U.S. Citizenship
- Bachelor’s in computer science, business, or other relevant discipline. In lieu of a degree eight (8) years of relevant work experience will be accepted
- Experience with cybersecurity frameworks and standards including: NIST 800-53 OWASP (Open Web Application Security Project) SANS Institue Best Practices
- Knowledge and experience of information security practices within federal and/or state government environments.
- Excellent Written and Oral Skills
Nice To Haves
- Active Public Trust Clearance
- Experience with: Virtualization Technologies Continuous Integration/Continuous Delivery (CI/CD) pipelines Software Defined Infrastructure Cloud Platforms (i.e. AWS, Azure)
- CISSP Certification
Responsibilities
- Ensuring the implementation and maintenance of security controls in accordance with the NIST 800-53 and EOUSA policies.
- Prepares, reviews, and updates system authorization packages in Cyber Security Assessment and Management (CSAM).
- Conducts continuous monitoring activities for agency system including, internal system and FedRAMP system
- Conducts system procedures, documentations, control implementation statements, annual self-controls assessment, Plan of Actions and Milestones (POA&M) review, Audit log Review and vulnerabilities scan review according to National Institute of Standards and Technology (NIST) requirements.
- Conducts Security Impact Analysis (SIA), Risk Assessment, Risk Based Accepted, and Security Technical Implementation Guides (STIG) Review, when changes occur that might affect the authorization determination of the information system(s).
- Coordinates any changes or modifications to hardware, software, or firmware of a system with the PMs, Security Officer and SO prior to the change
- Performs security related tasks which include documentation, vulnerability scan review, assessment support, patch management, and auditing as required.
Benefits
- A competitive Medical, Dental, and Vision plan
- Retirement Savings Plan
- Life Insurance
- AD&D Insurance
- Short Term and Long Term Disability Insurance
- 3 weeks of annual PTO
- 11 days of Holiday PTO
- Performance Awards
- Referral Bonus Plan (of up to $5,000/year)
- Education Reimbursement/Training (of up to $2,500/year)
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
