Senior ISSO - US Citizenship Required

Ready to Ignite your career and work alongside some of the most innovative and brightest professionals in innovative technology? Join us and unleash your potential working in an Agile environment while modernizing enterprise systems and applications needed to support the men and women charged with safeguarding the American people and enhancing the Nation’s safety, security, and prosperity.

As a Senior ISSO, you will assist Cybersecurity Team members while being responsible for the Information Assurance and Security of application, database, and enterprise network services. You will also be responsible for activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects; basic responsibilities include :

• Implement Cybersecurity Program strategy
• Apply information security in accordance with National / DHS / CBP directives security policy including, but not limited to, NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, DHS 4300A, CBP Handbook 1400-05D
• Assess entire system lifecycle requirements and network security impacts
• Support creation of, and ensure approval for, Department of Homeland Security (DHS) Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects
• Support program and customer management, and government Authorizing Official (AO) for all information security status, policies, and procedures
• Document DHS RMF Security Implementation Plan artifacts.  Coordinate and assist development team with application artifact documentation
• Assist government personnel in preparing and presenting Information Assurance Compliance System (IACS) packages to the Control Assessor (SCA) Assess and analyze the current threat environment
• Enhance – Implement Cybersecurity vulnerability / A&A hardening testing
• Optimize – Cybersecurity development environment certification
• Architect & Engineer security – develop security goals, capabilities, controls, and architecture
• Design & Implement security – vulnerability management, build security into development
• Integrate & Test Security – test patches and settings, document A&A artifacts
• Validate & Verify security – validate patch status and software control status
• Implement security – apply patches and security settings, performance incident handling and remediation
• Maintain security posture – audit security settings, track security training, monitor threats, track reaccreditation
• Enable assurance for information security during all phases of agile software development and deployment
• Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth
• Identify, assess, and recommend zero-day cyber threat remediation
• Address Cybersecurity issues to help maintain Continuity of Operations Plans (COOP)
• Perform information security vulnerability testing and mitigate any nonconformance
• Supports reviews and audits of continuous system monitoring and contingency planning. Updates associated documentation as needed
• Create and manage Plan of Action & Milestones (POA&M)
• Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects
• Understand and assist developers with static code analysis processes
• Report and help investigate security-related incidents and security violations as requested by the Computer Security Incident Response Center (CSIRC)
• Monitor and inspect for approved software usage and implementation of approved antivirus and other security related software
• Develop and maintain security training programs are developed and maintained

Requirements

Benefits