Information System Security Officer – ISSO
Ashburn, Virginia, United States of America
Full Time
15 hours ago
$90,300 - $189,600 USD
No Visa Sponsorship
Key skills
Cyber SecurityCommunicationCollaboration
About this role
Role Overview
- The ISSO is responsible for the Information Assurance and Security system and network services.
- Responsible for activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects; responsibilities include: Meet the government’s cybersecurity accreditation process to achieve an Authority to Operate (ATO).
- Maintain the Security Authorization or Authorization to Operate (ATO) of assigned systems and conduct initial and annual risk assessments.
- Identify required STIGs and guide system certification based on project requirements.
- Prepare a certification package, including STIG assessment and documentation, vulnerability and scan assessments, and conduct quarterly software security reviews.
- Ensure all security measures comply with applicable government policies.
- Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, SCTM)
- Develop, monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned facilities and Information Systems
- Participate in internal and external security audits and inspections and perform risk assessments.
Requirements
- Must be a U.S. Citizen, with an active Government security clearance.
- College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline or equivalent years of experience.
- Certifications: Must have Security+ Certification or equivalent DOD 8570 IAT Level 2 certification. CISSP certified a plus.
- Demonstrated knowledge of National/DoD/Army Directive security policies.
- Demonstrated knowledge of directive, guidelines, processes, and procedures for maintaining the security, integrity, and confidentiality of secure facilities, containers, and communications.
- Demonstrated experience using Army or equivalent eMASS.
- Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner
- Demonstrated experience with DISA Security Content Automation Protocol (SCAP), Evaluate STIG (eSTIG), and STIG Viewer v3 required
- Demonstrated knowledge of DOD RMF accreditation implementation
- Ability to identify and manage risk.
- Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement.
- Excellent written and verbal communication skills.
- Strong collaboration skills and desire to work within a team.
- Understanding of all elements of the DOD Cybersecurity policies and requirement
- Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter
- 10+ years related technical experience.
Tech Stack
- Cyber Security
Benefits
- healthcare
- wellness
- financial
- retirement
- family support
- continuing education
- time off benefits