The Information Systems Security Officer will work with government stakeholders and a cloud-based application and platform development team to identify cyber risks, understand applicable policies, and develop a mitigation plan. The role involves reviewing technical, environmental, and personnel details from security engineers, platform and application developers, and enterprise architects to assess the entire threat landscape.
Requirements
- 5+ years of experience implementing risk management methodologies contained in best practice documentation such as NIST SP 800-30, SP 800-53, SP 800-128, SP 800-160, SP 800-171, or CIS benchmarks in support of system security configurations, practices, and oversight
- 3+ years of experience providing cybersecurity leadership in an ISSO capacity, interfacing with internal and external SMEs such as PMs, Cyber Assessors, and AOs
- Experience with control implementations associated with RMF, FedRAMP, ICD 503, and DoD Information Levels, including applying them to the design and implementation of IT solutions to achieve system authorizations
- Experience implementing and maintaining security controls within AWS cloud, containerized, CI/CD pipeline, and Agile development environments
- Experience developing and reviewing ATO authorization packages in Xacta or eMASS
- Experience analyzing compliance and vulnerability scan results and implementing appropriate mitigations
- Experience performing audit log reviews to detect anomalous behavior in information systems and networks and overseeing continuous monitoring activities
- Active TS/SCI clearance; willingness to take a polygraph exam
- Bachelor’s degree
- CGRC, CAP, CASP+, CCSP, Cloud+, SSCP, Security+, or GSEC Certification
Benefits
- Health benefits
- Life insurance
- Disability insurance
- Financial benefits
- Retirement benefits
- Paid leave
- Professional development
- Tuition assistance
- Work-life programs
- Dependent care