Information System Security Officer - (ISSO)

Information System Security Officer - (ISSO) - (45)

This details all the information about the job posting.

Making sure you fit the guidelines as an applicant for this role is essential, please read the below carefully.

Job Title : Information System Security Officer - (ISSO)

Location : Washington, DC 20375 US (Primary)

Job Type : Full-Time

Education : Bachelor's Degree

Travel Requirement : 0 - 25%

Minimum Security Clearance Required : TS

Job Description :

Envisioneering, Inc. is seeking an Information Systems Security Officer (ISSO) to support an active government contract. This position will be responsible for the following :

• Lead the RMF process for assigned programs, organizations, systems, or enclaves.
• Maintain and report system’s A&A status and events.
• Manage the SP for assigned systems throughout their lifecycle.
• Perform annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.
• Manage POA&M entries and ensuring vulnerabilities are properly tracked, mitigated, and resolved.
• Assist with identification of the security control baseline set and any applicable overlays.
• Supervise the validation of security controls with the PM / ISO, SCA Liaison, PSO, and AO CSA.
• Assemble the Security Authorization Package and submit for adjudication.
• Register and maintain the system in eMASS.
• Assess the quality of security control implementation against all requirements in accordance with the approved SLCM strategy.
• Plan and perform cybersecurity testing to assess security controls and recording security control compliance status during sustainment.
• Report changes in the security posture of systems to the AO.
• Utilize the Collaboration Board in eMASS workflow for all formal coordination during the RMF process.
• Assist the ISSMs in executing their duties and responsibilities.
• Ensure compliance with all USN, DON, and DoD cybersecurity policies.
• Ensure all users possess the requisite security clearances and awareness of their responsibilities for systems under their purview prior to being granted access.
• Ensure an incident response, business continuity, disaster recovery, as well as vulnerability and threat reporting plans and channels are in place and that team members are trained accordingly.
• Ensure relevant policy and procedural documentation is current and accessible to properly authorized individuals.

Assist the ISSE with the following responsibilities :

• Oversee the development and maintenance of a system’s cybersecurity solutions.
• Identify AO and SCA cognizance of the system as well as any specific authorization requirements.
• Identify mission criticality.
• Identify and tailor the security control baseline with applicable overlays.
• Assist with development, maintenance, and tracking of the SP.
• Lead the security control implementation and testing efforts.
• Perform vulnerability-level risk assessment on the POA&M / RISK Assessment Worksheet.
• Assist with any security testing required as part of A&A or annual reviews.
• Assist in the mitigation and closure of open vulnerabilities under the system’s change control process.
• Oversee cybersecurity testing to assess security controls and recording security control compliance status during the continuous monitoring phase of the lifecycle.

Assist the ISSM with the following responsibilities :

• Support necessary compliance activities.
• Continuously validate the organization against policies and guidelines to ensure compliance.
• Acquire and manage the necessary resources to support information technology (IT) security goals and objectives.
• Advise senior management on risk levels and security posture.
• Collect and maintain data needed to meet system cybersecurity reporting.
• Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.
• Ensure security improvement actions are evaluated, validated, and implemented as required.
• Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
• Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
• Manage the monitoring of information security data sources to maintain organizational situational awareness.

MINIMUM SKILLS / QUALIFICATIONS :

• Must have and maintain a DoD Top Secret Clearance.
• 15+ years of technical and managerial experience in system administration and information security / cybersecurity.
• CISSP, CISM, or other DOD 8570.01-M IAM Level 3 certification.
• Bachelor’s degree with a concentration in a related discipline.
• Self-motivated and the ability to multi-task and balance multiple goals and priorities.
• Familiar with DOD Risk Management Framework (RMF) policies and associated tools.

SALARY RANGE : $150,000.00 - $180,000.00

Benefits : Envisioneering, Inc. offers a stable work environment, a competitive salary, and a comprehensive benefits package.

As a condition of employment : You must pass a drug and pre-employment drug screening. U.S. Citizenship Required.

Envisioneering Inc. is an Equal Opportunity Employer that does not discriminate on the basis of any characteristic protected by applicable laws.

J-18808-Ljbffr