IZN1449 Information Security Systems Officer (ISSO)

Twitter Facebook
Apply
Location
Bethesda, MD
Job Type
Direct Hire
Date
Sep 06, 2017
Job ID
2487067
Information Security Systems Officer (ISSO)
Location: Bethesda, MD
Clearance: Clearable US Citizen (Ability to obtain EOD)

Our great client is a leading provider of cloud managed services, agile software development, DevOps, systems engineering, and IT service management.  We work collaboratively with our customers to solve their biggest challenges through a commitment to delivering innovation, agility, and maximum value. Our employees are empowered to think outside of the box and provide innovative solutions to our customers and provide measurable cost savings.

Position Description:

The selected candidate shall provide Information System Security Officer (ISSO) and Acting Information Security Officer (AISSO) support to designated federal ISSOs to ensure customer systems maintain their Authority to Operate (ATO) with a security posture in accordance with DHS 4300A Rev 4 and NIST SP 800-53A Rev4 guidance. This support shall include providing IT security assessment and IT security audit functions to ensure FISMA compliance, support in developing and maintaining documentation in support of Certification & Accreditation (C&A) as required by the Federal Information Security Management Act (FISMA); ensuring all C&A and system security documentation (Security Plan, Privacy Threshold Analysis, Privacy Impact Assessment, e-Authentication, FIPS-199, Business Impact Analysis) is kept up to date or create C&A documentation when needed; and ensuring systems meet all security requirements mandated by DHS 4300A and DHS Management Directives.  
 
Responsibilities:
  • Follow the Information Systems Security Officer (ISSO) Guide, V10, when developing, updating, or reviewing required security artifacts in the Xacta Information Assurance Manager.  Ensure proper access controls are implemented for both system access and physical access to data processing facilities
  • Create, update and assess compliance of system Authority to Operate (ATO) packages.
  • Provide information security expertise to system development teams throughout the System Engineering Lifecycle process. 
  • Ensure Plan of Action & Milestone (POA&M) and other compliance and vulnerability issues are remediated in a timely fashion.
Qualifications for this position include:
  • Any DoD 8570 approved baseline certifications (e.g. CISSP, CEH, CAP, CISM)
  • Ensure proper access controls are implemented for both system access and physical access to data processing facilities
  • Experienced with creating Security Plan, Privacy Threshold Analysis, Privacy Impact Assessment, e-Authentication, FIPS-199, Business Impact Analysis
  • Provide information security expertise to system development teams throughout the System Engineering Lifecycle process
  • Independently manages workload and provides guidance to less experienced staff
  • At least five years of experience with FISMA Compliance and the NIST RMF
  • Demonstrated expertise in SELC, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security, activities related to Ongoing Authorization
  • Knowledge of information security best practices, Enterprise Architecture,
  • Experience with Xacta IA manager, Nessus Security Center, Splunk, FedRAMP, Data Centers, AWS, and prior DHS experience strongly preferred.
Education: Typically requires B.S. degree in computer science, systems engineering, or electrical engineering, or industry equivalent experience required, and minimum of 5 years of related experience in information security.