Information Systems Security Officer
About The Position
The Information Systems Security Officer role requires expert-level knowledge and execution within the Risk Management Framework to support NIST SP 800-53 HHM systems through the Authorization & Accreditation (A&A) process. Key responsibilities include constructing comprehensive security documentation such as System Security Plans (SSPs) and Plan of Actions and Milestones (POA&Ms), identifying security controls, and collaborating with engineering, development, and testing staff to create proper test plans. The officer will also implement and review security audits, coordinate all security testing exercises with external teams, and configure/support various AWS services to maintain the system's security posture. This position demands strong technical skills, analytical abilities, and extensive experience in system security analysis, risk management, and a broad understanding of information security policies and guidance. An active Top Secret SCI Clearance with Polygraph is a mandatory requirement.
Requirements
- Must Be a US Citizen
- Active Top Secret SCI with Poly
- Demonstrated strong technical skills and analytic abilities, as well as experience performing system security analysis and risk management.
- Demonstrated experience with security in the Amazon Web Services environment.
- Demonstrated experience performing complex technical tasks in pursuit of overall goals with minimal direction.
- Demonstrated experience in translating an understanding of systems and applications into security test plans and perform hands on security testing.
- Demonstrated knowledge of risk management methodologies.
- Demonstrated experience to analyze test results and suggest mitigations for security problems.
- Demonstrated technical experiences with system configuration, development, and design specifically around enterprise systems and hypervisors.
- Demonstrated experience with Linux and virtual platforms.
- Documented working experience with public and private information security groups and organizations.
- Possesses experience with communicating vulnerability results and risk posture to senior executives.
- Possess a broad knowledge of Information Security policies and guidance, as well as the ability to assist in researching, evaluating, and developing relevant security policies and guidance
Responsibilities
- Provide expert-level knowledge, both in context and execution with the Risk Management Framework to support a NIST SP 800-53 HHM systems through the A&A process.
- Construct thorough and complete security documentation to include, but not limited to, System Security Plans (SSPs), Plan of Actions and Milestones (POA&Ms), and any other artifacts to support the Body of Evidence (BOE), for sponsor's approval.
- Identify security controls and work with engineering, development and testing staff to construct proper test plans and procedures.
- Implement security audit reviews verifying that the audit records are collected and reviewed.
- Coordinate all security testing exercises, working with external assessment teams and technical staff.
- Configure and support various AWS services to protect the security posture of the system
Benefits
- Medical
- Dental
- Vision
- Health Savings Account
- Paid Time Off
- Holidays
- Social Events
- Employee Assistance Program
- Team Building Activities
- 401K
- Tuition Assistance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
Number of Employees
1-10 employees
