Information Systems Security Officer, Staff

About The Position

Requirements

• 2-4 years of experience in related field.
• Secret clearance.
• CSWF certification preferred.
• Experience supporting DoD or federal information assurance programs, including Authorization to Operate (ATO) package support.
• Familiarity with security scanning, compliance validation, system hardening, and audit support.
• Experience supporting incident response, vulnerability management, and continuous monitoring activities.

Nice To Haves

• Advanced cybersecurity certifications such as CISSP, CASP+, or CISM are a plus.
• Knowledge of risk management and security control assessment methodologies.
• Evaluate products and support various aspects of system administration from a security perspective.
• Experience with security tools, vulnerability scanning platforms, and compliance reporting.
• Understanding of security architecture principles and secure system configuration practices.
• Ability to effectively use JIRA and Confluence to document security activities, track findings and remediation actions, manage workflow, and coordinate with developers, program managers, and other stakeholders.
• Ability to manage multiple priorities and support deadlines in a regulated environment.
• Strong analytical, documentation, and problem-solving skills.

Responsibilities

• Supports and implements security requirements within the organization’s business processes and system environments.
• Prepare security documentation using accepted frameworks and guidelines, including RMF, Xacta, and related accreditation processes.
• Lead and facilitate meetings, briefings, and cross-functional discussions with technical and non-technical stakeholders to communicate security status, risks, vulnerabilities, assessment results, and remediation progress, and to drive alignment and timely resolution of identified issues.
• Develop and maintain Security Test and Evaluation (ST&E) plans, ensuring the implementation of Security Technical Implementation Guides (STIGs), and Plan of Action and Milestones (POA&Ms).
• Provide certification and accreditation support, including developing, updating and maintaining security plans (SPs) and contingency plans.
• Conduct complex risk assessments and vulnerability assessments and recommend mitigation strategies.
• Analyze policies, procedures, and system implementations against applicable federal laws, regulations, and security standards; identify gaps and recommend corrective actions.
• Recommend system enhancements and corrective actions to address security deficiencies.
• Oversee secure configuration practices, guides implementation and validation of security tools, reviews compliance scan results, advise stakeholders on remediation priorities, and evaluates products and administrative practices for security impact and enterprise suitability
• Conduct security program audits and develop remediation strategies to reduce identified risks.
• Perform vulnerability assessments and track remediation through resolution.
• Develop strategies to support compliance with privacy, risk management, and e-authentication requirements.
• Provide information assurance support for the development and implementation of security architectures to address new and evolving requirements.
• Evaluate, develop, and enhance security policies, requirements, and tools.
• Support computer security incident investigations and response activities.

Benefits

• healthcare benefits
• paid leave
• retirement plans
• insurance programs
• education and training assistance