Information Systems Security Officer

About The Position

Requirements

• 2+ years of experience implementing risk management methodologies contained in best practice documentation such as NIST SP 800-30, SP 800-53, SP 800-128, SP 800-160, SP 800-171, or CIS benchmarks, in support of system security configurations, practices, and oversight
• Experience as a System Administrator, Network Administrator, or ISSO
• Experience with control implementations associated with RMF, FedRAMP, ICD 503, and DoD information levels, including applying them to the design and implementation of IT solutions to achieve system authorizations
• Experience developing and reviewing ATO authorization packages in Xacta or eMASS
• Experience analyzing compliance and vulnerability scan results, and implementing appropriate mitigations
• Experience with DoD security technical implementation guides (STIGs), checklists, and testing tools, including STIG Viewer, SCAP, and ACAS scanning tools
• Experience performing audit log reviews to detect anomalous behavior in information systems and networks, and overseeing continuous monitoring activities
• Active TS/SCI clearance; willingness to take a polygraph exam
• Bachelor’s degree in a Cybersecurity field and 2+ years of experience providing cybersecurity leadership in an ISSO capacity and interfacing with internal and external SMEs such as PMs, Cyber Assessors, and AOs, or 5+ years of experience providing cybersecurity leadership in an ISSO capacity and interfacing with internal and external SMEs such as PMs, Cyber Assessors, and AOs, in lieu of a degree
• DoD Directive 8140 Qual Matrix for Information Assurance Technician Level II or Information Assurance Manager II Certification

Nice To Haves

• Ability to work through challenging security requirements to maintain compliance
• Possession of excellent written, presentation, and verbal communication skills
• Possession of excellent organizational skills
• TS/SCI clearance with a polygraph
• Bachelor’s degree in IT, Cybersecurity, Data Science, Information Systems, or CS
• CGRC, CCNA-Security, CASP+, CISSP, or Security+ Certification
• AWS Solutions Architect or Certified Security - Specialty Certification

Responsibilities

• Work with government stakeholders to identify cyber risks, understand applicable policies, and develop a mitigation plan.
• Work closely with the Information System Security Manager to monitor the information systems and their environment, including developing and updating authorization documentation and implementing configuration management across authorization boundaries.
• Work with your client to conduct risk assessments, considering data confidentiality, integrity, and availability.
• Be involved in organized incident response actions such as guiding and reporting back to key stakeholders.
• Support the team in meeting authorization timelines and coordinating communications with external entities in support of that objective.

Benefits

• health
• life
• disability
• financial
• retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care