Information System Security Officer

Orbis is seeking an experienced and highly motivated Information Systems Security Officer (ISSO) to join our team. The ISSO will be responsible for managing the security and integrity of information systems in compliance with Risk Management Framework (RMF) policies and procedures. This role involves working closely with government customers, security teams, and other stakeholders to ensure the security posture of our systems, maintain compliance with cybersecurity standards, and perform assessments and risk analysis.

Duties & Responsibilities

• Initiative in proactively identifying problems before they arise and creativity in proposing solutions
• Independently interpret the findings of vulnerability scanning utilities such as ACAS (Tenable Nessus) and SCAP (STIG benchmark) and manage a Plan of Actions and Milestones (POA&M) for remediation of findings
• Assess system compliance against NIST, DoD, and IC security requirements to include the NIST 800-53 and 800-171 controls, and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
• Provide Subject Matter Expert (SME) knowledge on matters related to RMF activities across multiple systems and networks of various classifications
• Participate in sessions aimed at identifying, planning, and executing strategies in response to emerging cybersecurity policies

Education & Experience

• Bachelors Degree in Computer Science, Information Technology, or a related field and at least 6 years of experience
• 10 years of experience without a degree will be accepted

Required Skills & Abilities

• Active TS/SCI clearance with Polygraph
• Independently interpret the findings of vulnerability scanning utilities such as ACAS (Tenable Nessus) and SCAP (STIG benchmark) and manage a Plan of Actions and Milestones (POA&M) for remediation of findings
• Participate in the development, modification, and implementation of the computing environment cybersecurity program plans, and requirements IAW with the RMF and IAVA Management, to include DISA STIGs/SRGs
• Develop and/or implement procedures to ensure system users are aware of their cybersecurity responsibilities before granting access to DoD Information Systems

Desired Skills & Abilities

• Experience with the CSAM tool is preferred.
• Familiarity with FISCAM compliance requirements.
• Strong knowledge of various system and network technologies
• In-depth knowledge of the Intelligence Community Directive (ICD) 503 and the Risk Management Framework process.
• Experience implementing DISA STIGs
• Detail oriented and strong communication skills

Physical Requirements

• Prolonged periods of sitting at a desk and working on a computer.
• Routine video conference and/or in-person meetings.
• Ability to attend planned meetings within the Washington Metro Area region.

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status.