Security ISSO

General Dynamics | Falls Church, VA
192d | $144,500 - $195,500 | Remote

About The Position

We are seeking a qualified, motivated individual to join GDIT as an Information Security Analyst Senior Advisor (Security 1 Lead ISSO). This position will play a dual role as the Security Lead and as the project's ISSO. Your focus will be on the Systems Security Plan (SSP) and Authorization To Operate (ATO) package documentation, Policy and Controls, and any other duties that fall under the ISSO / Information Assurance role. You will maintain security postures across several development environments, conduct risk assessments, and ensure all system changes undergo proper security reviews, while keeping abreast of evolving government cybersecurity directives. You will collaborate with GDIT technical leadership, Government customers, and other key stakeholders to assess our existing and new systems infrastructure.

Requirements

  • Bachelor's degree in computer science or an IT-related field; master's degree or equivalent professional experience in information security is preferred
  • Ability to create and maintain system BOE documents to include SSPs, architecture diagrams, contingency planning, and continuous monitoring documentation
  • Ability to write and modify documents to include SOPs, processes, and other guidance documentation
  • Comprehensive knowledge of corporate Systems/Solutions Architecture processes and trends
  • Strong leadership, organizational, and communication skills
  • Secret Clearance to start
  • Knowledge of Agile software development process
  • Experience with Azure AD
  • 10 years of relevant experience
  • Experience with Cloud Security
  • Experience working with leading firewall, network scanning and authentication technologies
  • Experience working with internet, web, application and network security techniques
  • Experience in Agile methodology
  • Experience using Jira to support a development team in an Agile environment
  • Experience working in Federal or State government environments
  • Ability to work independently and remotely

Nice To Haves

  • CISSP desired
  • Active DoD 8570 IAT Level II Certification (Security+ CE)

Responsibilities

  • Ensure security policies and procedures are implemented
  • Author Standard Operating Procedures, policies, and IA plans of action to ensure systems compliance with Federal/DoD guidance
  • Identify corrective actions/mitigation strategies to achieve/sustain Risk Management Framework (RMF) compliance
  • Review and analyze system implementation plans
  • Advise system owners and stakeholders on new deployments and advanced cyber security techniques
  • Serve as the primary authority on System security
  • Oversee the implementation of NIST SP 800-53 controls, CNSI and FedRAMP requirements across Azure Gov and Azure Secret cloud environments
  • Develop and maintain security documentation (System Security Plans, security policies, procedures)
  • Manage the ATO process by conducting risk assessments, coordinating with authorizing officials, and tracking Plans of Action & Milestones (POA&Ms) for identified gaps
  • Monitor system security posture daily by reviewing audit logs and SIEM alerts (Splunk, Azure Sentinel) for suspicious activity or policy violations
  • Ensure timely incident investigation and response with the DevOps team
  • Guide DevOps and Engineering teams on secure configuration baselines
  • Verify that all system changes pass security review and change controls
  • Coordinate regular vulnerability scanning and penetration testing of cloud infrastructure and applications
  • Ensure any discovered vulnerabilities are remediated within required timeframes
  • Enforce robust access controls and identity management
  • Regularly review user accounts and privileges in Azure AD and Azure Gov environments
  • Ensure multifactor authentication and PKI usage in accordance with federal security policies
  • Provide security training and guidance to engineering teams
  • Foster a culture of security awareness, and stay up to date on government cybersecurity directives to adapt security strategies

Benefits

  • 401K with company match
  • Comprehensive health and wellness packages
  • Internal mobility team dedicated to helping you own your career
  • Professional growth opportunities including paid education and certifications
  • Cutting-edge technology you can learn from
  • Full-flex work week to own your priorities at work and at home

What This Job Offers

  • Job Type: Full-time
  • Career Level: Senior
  • Industry: Transportation Equipment Manufacturing
  • Education Level: Bachelor's degree

© 2024 Teal Labs, Inc