Drives Logic is helping our growing client add an Information System Security Officer (ISSO) to join their expanding business. This position is located with our client in the Washington, DC Metro Area, and is expected to be mostly remote. The ISSO will report to program leadership and to the Federal client within their Office of the Chief Security Officer (OCSO).
Our client is a proud Service-Disabled Veteran-Owned Small Business based in the Washington, D.C. Metropolitan area providing management consulting services to Federal agencies and organizations supporting the public sector. With many years of public sector expertise, they offer exceptional client services in the areas of Strategic Communications and Integrated Marketing (SCIM), Information Technology (IT), Human Capital Management, Organizational Development, and Enterprise Optimization. They are team oriented, continuous learners, hard-working, creative thinkers, and most of all, kind people. They are a different kind of company with a truly unique culture, one that values their employees and shares a passion for serving their clients. If that sounds like you too, then they would really like to meet you.
- Responsible for maintaining and enforcing all Information Security policies, standards, and guidelines.
- Reviews and updates SSPs as needed. Evaluates proposed changes to a system to ensure the change does not impact the system’s security.
- Collaborates internally and externally to develop and support operational procedures to mitigate risks related to classified data spills, intrusions, and unauthorized accesses within Federal compliance guidelines relative to specific Federal agency clients to maintain system integrity and availability.
- Strong verbal and written skills required for providing management status reports and documenting system changes.
- Implement baseline changes under tech lead oversight. Review audit logs.
- Conduct vulnerability scans and review results for compliance.
- Monitor POA&M status.
- Ensure all system users and people with security responsibilities receive their annual awareness training.
- Assist with the configuration management for information system security software, hardware, and firmware.
- Review and validate user access rights.
- Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, and Certification and Accreditation (C&A) packages.
- Support maintaining the appropriate operational information assurance posture for a system and program.
Required Experience and Qualifications
- 5+ years of experience with executing the analysis, assessment, design, and implementation of enterprise Cybersecurity solutions.
- Experience with the National Institute of Standards and Technology (NIST) and Federal Information Security Management Act (FISMA) requirements and reporting.
- Experience with engineering and implementing security-based solutions to further automate and improve the security posture of systems and their supporting infrastructure.
- Experience with applying security systems concepts, requirements, design development, implementation, and integration to information systems.
- Experience with risk mitigation and selecting or designing appropriate security controls for implementation.
- Information Assurance experience including evaluating, testing, certifying and accrediting information systems as well as Commercial Off The Shelf (COTS) and Government Off The Shelf (GOTS) products.
- Experience with maintaining vulnerability scanning tool compliance and patch management, including ensuring IT staff pushes patches to all systems, maintains compliance with directives, manages changes to the system, and assesses the security impact of the changes.
- Experience in managing the security posture of a cloud environment, working with engineering teams to remediate, and communicating the overall risk of the environment while identifying areas of improvement.
- Working knowledge of security system controls, policies, technical security safeguards, and operational security measures to include various government security requirements, NISPOM, and ICD 503.
- Active Top Secret clearance required.
- Bachelor’s Degree required.
- CISSP preferred.
Client Clearance Requirements
- US Citizenship required
- Active Top Secret Clearance required
*Our client is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender/sex, marital status, sexual orientation, physical or mental disability, military/veteran status, citizenship status, the basis of genetic information or any other group protected by Federal or State law or local ordinance. People with disabilities who need a reasonable accommodation to apply or compete for employment may request such accommodation(s).
To apply for this job email your details to email@example.com