Senior Information Systems Security Officer (ISSO)- Requires an ACTIVE SECRET CLEARANCE

Illuminate
Rockville, MD, US
Full-time

Overview

The ISSO will support systems and security engineering and integration to specific Government-sponsored projects, pilots and prototypes.

This includes solution planning and engineering, defining security requirements, target architecture, interoperability and integration, system testing, Verification and Validation, Modeling and Simulation, studies and analysis, post-deployment security validation (PDSV), and project risk management.

As part of this effort, you will serve as an Information Systems Security Officer who will support the Agile processes in defining security requirements, translating RMF related governance and policies as well as supporting the reduction of cybersecurity risks to our customer's environments.

Responsibilities

Essential Duties and Responsibilities :

  • Managing all aspects of an organization's information security system, for classified and unclassified systems, including researching, testing, training and implementing programs designed to safeguard sensitive information from any possible breaches.
  • Understanding the Risk Management Framework (RMF), and how risk management is executed, what risk means, and how to analyze it.
  • Spearheading Authority to Operate (ATO) and / or Authority to Proceed (ATP) efforts while making independent recommendations to Government Leads during these processes.
  • Conducting risk analysis from vulnerability and compliance scans, pen testing results, or other audit activity.
  • Creating written works to include but not limited to Plan of Action and Milestones, System Security Plans, System Specific Policies and Procedures, Configuration Management Plans, Contingency Plans and Test Results, Business Impact Analyses, and Security Impact Analyses.
  • Participating in Agile Planning Events to provide technical input.

Qualifications

Education Requirements :

Bachelor’s degree in a technical discipline and 7+ years work experience or equivalent experience or 10 years related work experience, to include :

Clearance Requirements :

Position requires at minimum a Secret Clearance, must have the ability to be cleared up to the TS / SCI level

Technical Requirements :

Experience executing the NIST Risk Management Framework (RMF) and applying security practices found in NIST publications.

SP 800-53, SP 800-30, SP 800-60, FIPS 199, FIPS 140-2,

  • Experience documenting System Security Plans to include security control implementation statements.
  • Experience conducting periodic reviews of implementation statements to ensure persistent compliance with applicable government and agency level policies in addition to ISO and NIST standards.
  • Experience validating the implementation of security controls within a cloud environment (AWS or Azure).
  • Supporting the security assessment and authorization (or ATO) process.
  • Analyzing testing results from scans, audits, penetration tests, or other test efforts to determine risk levels.
  • Hands-on experience with vulnerability management tools such as Tenable Nessus and Security Center.
  • Conducting Continuous Monitoring and maintaining the security posture of IT systems within on-prem, cloud, and hybrid environments.
  • Knowledgeable on one or more cloud computing services and technologies including but not limited to : AWS, Microsoft Azure, VMware, etc.
  • Familiarization with the Microsoft Office 365 Suite. (. Word, PowerPoint, SharePoint, Excel,

Preffered Skills / Qualifications :

  • Cyber program experience within federal customer space a plus!
  • Familiarization with Scaled Agile Frameworks (SAFe), agile development principles, and DevSecOps methodologies are a plus!
  • Experience with managing vulnerabilities on virtualized IT systems and assets or virtual machines (. VDI and is a plus!
  • Experience with SAFe Agile tools like Jira, Jira Align, or ServiceNow.
  • Certifications such as CISSP, CCSP, AWS, Microsoft Azure, CISA, CAP, and SAFe 6 are highly desired.
  • 30+ days ago
Related jobs
Promoted
CALIBRE
Bethesda, Maryland

Support software architecture development, requirements analysis, process execution and evaluation, selection and evaluation of COTS/GOTS tools, and integration (with both new and legacy systems). Candidate must possess an active TS/SCI with poly security clearance to be eligible for this role. Foll...

McIntire Solutions
Bethesda, Maryland

Provide support to senior ISSOs for implementing, and enforcing information systems security policies, standards, and methodologies. Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies. Information Systems Security Officer. Five (5) years e...

ST2 ManTech Advanced Systems Intl
Adelphi, Maryland

We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Dut...

Talascend
Gaithersburg, Maryland

The ideal candidate should possess progressively responsible work experience in an organization that has a strong information security practice, be motivated to advance in a DevSecOps environment, and has career goals of becoming a Chief Information Security Officer or Security Architect. Be respons...

American Systems
Patuxent River, MD, US (Primary)Telecommuter/Any State, US

Install, configure, and maintain an organization's LAN, WAN, data communications network, operating systems, and physical and virtual servers. We are looking for a Network and Computer Systems Administrator with demonstrated experience in managing, monitoring, and maintaining an organization's IT in...

ST2 ManTech Advanced Systems Intl
Adelphi, Maryland

They provide guidance and support to ensure compliance with security policies and procedures, and train staff on security awareness and best practices. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender ident...

Paragon Systems
Poolesville, Maryland

Additionally, you will assist in preserving order and may act to enforce regulations and directives for the site pertaining to personnel, visitors, and premises; control access to client site and facility through the admittance process; responsive in all situations; monitors entrances and exits and ...

Snaphunt
Greater Baltimore-Maryland Area, United States

Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response. Validating and verifying system security requirements and establishing system securi...

Rollout Systems
Bethesda, Maryland

Rollout Systems, founded in 2001, is a full-service services and information technology company specializing in enhanced organizational performance. Senior CISCO VOIP Network Engineer, Migration Exp, IAT Level III, W-2, Top Secret Active DOD Security Clearance (Secret okay to start). Must have an Ac...

In-Hire
Greater Baltimore-Maryland Area, United States

Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response. Validating and verifying system security requirements and establishing system securi...