Information Systems Security Officer (ISSO)
About The Position
Full Visibility is seeking an Information Systems Security Officer (ISSO) to work in Quantico, VA. Candidate must possess an active Top Secret clearance. The ISSO will work closely with customers to ensure the confidentiality, integrity, and availability of systems, applications, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs; infrastructure; application; Security Assessment and Authorization (SAA), IA policy directives (PD) and guides (PG); and IA Security tools, such as Tenable.io, Nessus Pro, NMap, etc. The candidate will coordinate with other ISSOs to ensure that their requirements for interconnection, policy, and procedures are met and all documentation is provided and updated as necessary. The ideal candidate will advise the customer on the use of methods such as encryption technology, vulnerability analysis, and security management standards to protect systems and applications to meet Federal Information Security Modernization Act (FISMA) requirements. The successful candidate will prepare documentation such as, Configuration Management Plans, Incident Response Plans, Information System Contingency Plans, and Plan of Action and Milestones (POA&M) to ensure compliance with PDs and PGs and Federal IA requirements. The candidate will identify IA vulnerabilities and coordinate with the Infrastructure and Development teams to correct, mitigate, or apply for an exception via the POA&M processes. The candidate will review vulnerability and compliance SCAP and/or DISA STIGs scans on the infrastructure and applications to ensure patch and configuration compliance (on-premises and in the cloud). The successful candidate will prepare SAA package(s) to obtain and maintain an authority-to-operate (ATO), authority-to-test (ATT), or other SAA authority types for all systems and applications. The ISSO will attend and represent program security interests in various meetings within and outside of the program, and schedule and conduct meetings with pertinent program personnel to address findings to determine the appropriate path forward and document within the CMP and, if necessary, POA&M.
Requirements
- Active Top Secret Clearance; This position may require the successful completion of a Counterintelligence (CI) Polygraph
- Bachelor's degree in Information Systems Technology, Computer Science, Engineering, or related field. and 5+ years of experience in cybersecurity or risk management
- In lieu of BS, must have 9+ years of experience with any of the following certifications: CISSP, CISM, CAP, CASP+, etc.
- Experience with application installation, configuration, and operational procedures in support of cybersecurity mandates
- Ability to conduct the entire Risk Management Framework (RMF) through all seven steps
- Experience with supporting information assurance and cybersecurity development of security plans or packages supporting Assessment and Authorization (A&A) of IT systems Authority to Operate (ATO), including the implementation and assessment of cybersecurity controls
- Experience with cyber continuous diagnostics and mitigation tools, such as Splunk and Graylog
- Experience reviewing NESSUS/ACAS vulnerability scans and reviewing audit logs, including Security Technical Implementation Guides (STIGs) and Information Assurance Vulnerability Alerts (IAVA)
- Ability to assess current and evolving security threats in an operational environment
- Ability to work ONSITE in Quantico VA
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
