Information Systems Security Officer

About The Position

Requirements

• 2+ years of experience implementing risk management met hodologies contained in best practice documentation such as NIST SP 800-30, SP 800-53, SP 800-128, SP 800-160, SP 800-171, or CIS benchmarks, in support of system security configurations, practices, and oversight
• Experience as a System Administrator, Network Administrator, or ISSO
• Experience with control implementations asso cia ted with RMF, FedRAMP, ICD 503, and DoD information levels, including applying them to the design and implementation of IT solutions to achieve system authorizations
• Experience developing and reviewing ATO authorization packages in Xacta or eMASS
• Experience analyzing compliance and vulnerability scan results, and implementing appropriate mitigations
• Experience with DoD security technical implementation guides ( STIGs ) , checklists, and testing tools, including STIG Viewer, SCAP, and ACAS scanning tools
• Experience performing audit log reviews to detect anomalous behavior in information systems and networks, and overseeing continuous monitoring activities
• Active TS/SCI clearance; willingness to take a polygraph exam
• Bachelor’s degree in a Cybersecurity field and 2+ years of experience providing cybersecurity leadership in an ISSO capacity, interfacing with internal and external SMEs such as PMs, Cyber Assessors, and AOs, or 5+ years of experience providing cybersecurity leadership in an ISSO capacity, interfacing with internal and external SMEs such as PMs, Cyber Assessors, and AOs, in lieu of a degree
• DoD Directive 8140 Qual Matrix for Information Assurance Techni cia n Level II or Information Assurance Manager II Certification

Nice To Haves

• Ability to work through challenging security requirements to maintain compliance
• Possession of excellent written, presentation, and verbal communication skills
• Possession of excellent organizational skills
• TS/SCI clearance with a polygraph
• Bachelor’s degree in IT, Cybersecurity, Data Science, Information Systems, or CS
• CGRC, CCNA-Security, CASP+, CISSP, or Security+ Certification
• AWS Solutions Architect or Certified Security - Spe cia lty Certification

Responsibilities

• Work with government stakeholders to identify cyber risks, understand applicable policies , and develop a mitigation plan.
• Work closely with the Information System Security Manager to monitor the information systems and their environment, including developing and updating the authorization documentation and implement configuration management across authorization boun dari es
• Conduct risk assessments, considering data confidentiality, integrity, and availability.
• Be involved in organized Incident Response actions such as guiding and reporting back to key stakeholders.
• Support the team in meeting authorization timelines and coordinating communications with external entities in support of that objective.

Benefits

• Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care.
• Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values.
• Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs.