ISSO (S-NET)

Position Type: Full-time
Location Type: Onsite
Clearance Required: Active TS w/ SCI eligibility

Waypoint's client is seeking an Information System Security Officer (ISSO) will be responsible for the security posture of the system throughout its lifecycle, ensuring compliance with security standards, regulations, and best practices. This role will work closely with the team to monitor, assess, and maintain the security controls, ensuring that systems meet the necessary security requirements as outlined in the Risk Management Framework (RMF).

Responsibilities :

• Serve as the primary point of contact for security compliance and oversight, ensuring adherence to security policies and RMF requirements.
• Collaborate with the ISSE and other engineering teams to assess and integrate security controls, providing security guidance for design and implementation efforts.
• Monitor and manage the security posture of systems, ensuring that security controls are effective and compliant with applicable standards and regulations.
• Assist in the development and maintenance of RMF documentation and artifacts, ensuring proper security controls and safeguards are implemented for all systems.
• Coordinate with other engineering teams to ensure security requirements are addressed throughout the lifecycle of IT systems, from initial design to ongoing maintenance.
• Conduct security assessments and audits, identifying vulnerabilities and recommending mitigations to strengthen the overall security posture.
• Review and maintain security-related documentation, ensuring all system components and information types are clearly described and aligned with security policies.
• Provide support for security authorization and accreditation processes, ensuring compliance with federal laws and regulations and assisting in the creation of security test and evaluation plans.

Requirements :

• Proven ISSO expertise across a large-scale enterprise Information Technology (IT) program
• Familiar with RMF and DoDAF 2.0 processes and standards
• Familiar with Scrum methodologies
• IAM Level I certification required
• Proven experience performing security engineering across enterprise systems and networks.
• Proven experience performing Systems Security tasks including: Security Information and Event Monitoring (Splunk); Endpoint security (HBSS); password and credential management (CyberArk); Compliance and vulnerability scanning (ACAS / Nessus); and Code Scanning (Fortify).
• Proven experience performing Network Security for Firewalls, Intrusion Detection Systems (IDS)/ Intrusion Prevention Systems (IPS)
• Proven experience with Cisco products (Cisco Security Manager, Cisco FireSight Management Center, Cisco Firewall Service Modules (FWSM), Cisco IPS/IDS modules, Cisco Firepower IDS/IPS, Advance Malware Protection (AMP) services, Cisco Identity Services Engine (ISE) services, etc.

Desired:

• ITILv4 Foundation Certification desired.

Education Required Salary Range Requires 2 to 5 years with BS/BA or 0 to 2 years with MS/MA/MBA or 8 to 10 years with no degree. $106-132K Requires 5 to 8 years with BS/BA or 3 to 5 years with MS/MA or 0 to 2 years with PhD.

*Waypoint Human Capital is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender, national origin, age, protected veteran status, or disability status