Security Officer Jobs

About The Position

Requirements

• You must live within the DC, MD, VA area
• Candidate must have an active DHS clearance within the last 2 years and/or CBP clearance
• Minimum of 7 years experience securing government IT systems
• Strong working knowledge of the RMF
• Experience providing security guidance to systems deployed in AWS environments
• Demonstrated understanding of technical components in an information system environment
• Understanding of cloud infrastructure, networking, containerization, and AWS related technologies
• Understanding of Zero Trust architecture
• Ability to work in a collaborative environment and independently manage individual tasks
• Outstanding verbal and written communication skills
• Experience with system categorization and control selection in accordance with FIPS 199 and NIST 800 60
• Hands on experience with vulnerability scanning tools such as Nessus or similar
• Experience supporting Continuous ATO or ongoing authorization models
• Familiarity with FedRAMP and cloud security inheritance models

Nice To Haves

• Experience working on Interconnection Security Agreements, PKI, security plans and audits
• One or more security certifications such as Security+, CISSP, GIAC, or CISM
• Experience in an Agile development environment using Jira or similar tools
• Knowledge of DevSecOps pipelines and security integrations in CI and CD
• Experience with Zero Trust maturity model compliance activities
• Ability to understand AI concepts and apply them to enhance security oversight and role effectiveness

Responsibilities

• Prepare, maintain, and implement system security plans for high visibility production systems
• Ensure implementation of security measures by working with the system’s development and operational teams, conducting interviews, and table-top exercises
• Perform various Information Assurance support functions in support of client applications
• Advise on processes that align to the Risk Management Framework
• Develop and implement security controls based on FISMA and NIST 800 53 guidelines
• Develop and implement Authority to Operate packages and provide ongoing support
• Coordinate with IT leads from partner agencies and components to identify opportunities to collaborate in developing or leveraging security capabilities
• Conduct IT audits and ensure secure information systems and network connections
• Provide security guidance and interpretation of security policy for project development teams
• Support continuous monitoring including vulnerability assessments, compliance reporting, and tracking vulnerability management and mitigation
• Partner with system owners to ensure configuration management and change control are executed in alignment with security requirements
• Review security artifacts and documentation and maintain audit ready evidence throughout the system lifecycle