Sr. Information System Security Officer (ISSO)

GDIT
Falls Church, VA, USA
$123.3K-$166.8K a year
Full-time
Part-time

Job Description :

Guard Enterprise Cyber Operations Support (GECOS) Sr. Information System Security Officer (ISSO) : THIS POSITION ALLOWS FOR UP TO 2 DAYS REMOTE WORK A WEEK.

We are GDIT. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country.

We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that’s important.

GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day.

GDIT has an opening for a Sr. ISSO position supporting the Army National Guard (ARNG) in Falls Church, VA. This is an IT Service Management contract in support of the operation, modernization, expansion, and further evolution of the ARNG’s global Information Technology (IT) services including networking, compute, storage, infrastructure, applications, hosting, and program management services.

The GECOS program supports the ARNG enterprise IT infrastructure, its Wide Area Network (WAN), authentication and directory services, cybersecurity, application hosting, and associated services.

GECOS uses the ITIL best practices framework as the basis for its IT Service Management (ITSM) model.

How the Sr. ISSO will make an impact :

  • Validate security controls and documents in the Risk Management Framework (RMF) eMASS package, to include : the SSP, SAR, PIA, Categorization Form, Implementation Plan, Network Topology, HW / SW Listing, and Plan of Actions and Milestones (POA&Ms).
  • Direct Accreditation and Recertification activities for multiple eMASS ATO records networks and assist Service Owners with managing the schedule to completion (ATO).
  • Interfaces with client to understand their security needs and oversees the development and implementation of procedures to accommodate them.
  • Maintain up-to-date statuses on all assigned systems and communicate status to the Government leads.
  • Develop and maintain security plans and security testing plans.
  • Be responsible and accountable for all task and reporting deadlines.
  • Continuously improve risk models, metrics, reports, processes, and activities.
  • Produce actionable, risk-based reports on security assessment results.
  • Manage, train, and mentor more junior team members.
  • Create and maintain cybersecurity policies and standards.
  • Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
  • Correspond with Government customer and system administrators to communicate any unacceptable risks identified and correct deficient RMF POA&M to meet Army and DoD standards.
  • Maintain complete records of communications, submit written status reports as required, perform peer-review as directed, and attend weekly meetings.
  • Coordinate with the Security Control Assessor (SCA) to perform analysis of the overall risk level the system poses to enterprise networks and data.
  • Assist with vulnerability remediation when necessary
  • Ensure that the user community understands and adheres to necessary procedures to maintain security.
  • Maintains current knowledge of relevant technology as assigned.
  • Provides guidance in the creation and maintenance of Standard Operating Procedures and other similar documentation.
  • Upload vulnerability scans conducted on networks, systems, and applications utilizing ACAS into eMASS.
  • Conducts reviews of ATCTS privileged users against 8140 requirements ensuring security of information systems assets and the protection of systems from intentional or inadvertent access or destruction.

What you'll need to be successful :

  • Bachelor's degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical training, or work experience.
  • Meet DoD 8570 IAM I certification requirements (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CAP, CND, Cloud+, GSLC, Security+ CE, HCISPP, CompTIA Security+ CE, Certified Authorization Professional (CAP))

Required Experience :

4+ years of information security management experience, preferably in DoD environments

Experience managing vulnerability mitigation and information security process in an enterprise environment

Experience with RMF process and POA&M tracking and resolution.

Experience with NIST publications, DoD 8500 series, AR 25-2, AR 380-5, AR 380-40, FIPS.

Experience with the Enterprise Mission Assurance Support Service (eMASS).

DoD ISSO experience a must

DoD Secret Required

Preferred Skills :

Knowledge of Windows client / server, VMware, networking, VTC / VoIP, web / application servers, databases, and network architectures

Ability to learn complex computing environments quickly; memorization skills desired

Ability to produce and disseminate reports for vulnerability assessments and compliance reporting

Location : On Customer Site with up to 2 days telework. Requires on-site support for up to 45 days; if performance is good, telework can be considered part time, but no more than 2 days a week.

Could change to full time on site on direction by management or government.

The likely salary range for this position is $123,250 - $166,750. This is not, however, a guarantee of compensation or salary.

Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours :

Travel Required : None

Telecommuting Options :

Hybrid

Work Location : USA VA Falls Church

30+ days ago