Our client has a permanent full-time role as an Information Systems Security Officer located in Columbia, MD. This role comes with excellent pay, benefits, paid time off, IRA, and others. Please send resumes to firstname.lastname@example.org to be considered for this role. Must be a U.S. citizen with active DOD Secret clearance.
· Applies cybersecurity standards, directives, guidance, and policies to classified computing environments to effectively manage the security aspects and the day-to-day security operations of assigned systems.
· Under general guidance from management, collaborate with staff in Engineering, Compliance, Security, I.T., and other organizations to develop and implement efficient and appropriate technology, user training, processes, procedures, and compliance programs integrated seamlessly with day-to-day operations of complex operations large-scale computing infrastructure.
· Participate in reviews and technical inspections to identify and mitigate potential I.A. security weaknesses and ensure that all security features applied to a system are implemented and functional.
· Provides support for a program, organization, system, or enclaved information assurance program.
· Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
· Maintains operational security posture for an information system or program to ensure security policies, standards, and procedures are established and followed.
· Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
· Manage the System Engineering Life Cycle (SELC) for I.A./Network Designs; responsibilities include:
• Participate in planning and executing the SELC process
• Provide information security expertise to system development teams
• Prepare, review or comment on all SELC security documents
• Ensure appropriate security controls are applied during each SELC Phase (e.g., software, hardware, CM)
• Ensure IA compliance test data is gathered during system testing
• Conduct and direct continuous monitoring during Operations and Maintenance Phase, to include
· Maintenance of a current ATO
· Monitoring compliance
· Conducting Annual Assessments
· Conducting periodic scans
· Conducting audit log reviews
· Ensuring media is adequately sanitized before disposal
· Evaluate security solutions to ensure they meet security requirements for processing classified information.
· Perform vulnerability/risk assessment analysis to support certification and accreditation.
· Provides configuration management (CM) for information system security software, hardware, and firmware.
· Assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)
· Has an understanding [of] the Risk Management Framework (RMF) that uses Committee on National Security Systems (CNSS) Instruction 1253 and the National Institute for Standards and Technology (NIST)800-53 security controls.
· Supports security authorization activities in compliance with Customer/ DoD Information Assurance Certification and Accreditation Process (DIACAP).
· Five (5) years ISSO experience, or equivalent systems security-related experience, and knowledge of systems functions, security policies, technical security safeguards, and operational system measures.
· Bachelor’s Degree in I.T. related field
· Eight years of related work experience or equivalent experience.
· 8140/8570-compliant certification
· Security+ or CISSP
· Active DoD Clearance required
· U.S Citizenship Required
Experience in preparing reports such as:
· System Security Plans (SSPs)
· Risk Assessments Reports,
· Certification and Accreditation (C&A) packages
System Requirements Traceability Matrixes (SRTMs), as well as having an understanding of the Risk Management Framework (RMF) that uses Committee on National Security Systems (CNSS) Instruction 1253 and the National Institute for Standards and Technology (NIST) 800-53 security controls.
To apply for this job email your details to email@example.com