Information Systems Security Officer (ISSO) II (Remote)

OneZero Solutions•Virginia Beach, VA

5d•Remote

About The Position

As a USCG Information Systems Security Officer (ISSO) at OneZero Solutions, you will play a crucial role in supporting our USCG customers. Your responsibilities will focus on ensuring the security and compliance of information systems within the Department of Homeland Security (DHS). Specifically, you will be involved in the following areas: Risk Management Framework (RMF): You will execute the RMF process to achieve and maintain Authority to Operate (ATO) security authorizations for USCG mission systems. Continued Security Compliance: Through the execution of prescribed and ad hoc ISCM tasks, you will deliver cybersecurity compliance throughout the engineering lifecycle for the systems under our purview. Security Assessments and Audits: Conduct security assessments, identify vulnerabilities, and recommend corrective actions. Incident Response: Monitor security events and incidents, investigate suspicious activity, and take appropriate action to mitigate risks. Security Awareness and Training: Manage security awareness and training programs for DHS personnel. Collaboration: Work closely with IT engineering teams and program stakeholders to integrate security controls into system development and implementation processes. Program Relevance: Keep abreast of evolving security threats, vulnerabilities, and industry best practices and work with program stakeholders to enhance and maintain program relevancy and improve efficiency. Documentation: Document security policies, procedures, and activities.

Requirements

5+ years of direct experience serving as an Information Systems Security Officer (ISSO) within the DoD/Federal Government.
Demonstrated understanding of information security principles and best practices, including network security, system security, encryption, and incident response.
Proficiency in various security assessment methodologies and tools, including System Security Assessment and Authorization (SA&A), Vulnerability Management, and FISMA Compliance, and STIG Hardening
Experience with relevant security frameworks and standards, such as NIST Cybersecurity Framework, FISMA, RMF, and DoD IA controls and STIG
Excellent analytical and problem-solving skills.
Strong written and verbal communication skills.
Ability to work independently and as part of a team.
Active DOD Secret clearance
Must be local to one of the following locations: Hampton Roads VA, Alexandria VA, or Kearneysville WV
Must be willing to go onsite for critical meetings and work to be performed at the classified level.
One or more of the following certifications: Seurity+, CASP, SecurityX, CGRC, CAP, CISM, CISSP, or GSLC

Nice To Haves

Bachelor's degree or higher in Cyber Security or other Information Technology field of study

Responsibilities

Execute the RMF process to achieve and maintain Authority to Operate (ATO) security authorizations for USCG mission systems.
Deliver cybersecurity compliance throughout the engineering lifecycle for the systems under our purview through the execution of prescribed and ad hoc ISCM tasks.
Conduct security assessments, identify vulnerabilities, and recommend corrective actions.
Monitor security events and incidents, investigate suspicious activity, and take appropriate action to mitigate risks.
Manage security awareness and training programs for DHS personnel.
Work closely with IT engineering teams and program stakeholders to integrate security controls into system development and implementation processes.
Keep abreast of evolving security threats, vulnerabilities, and industry best practices and work with program stakeholders to enhance and maintain program relevancy and improve efficiency.
Document security policies, procedures, and activities.