Yesterday
Top Secret/SCI
Unspecified
Polygraph
IT - Security
MD (On-Site/Office)
We're searching for talented individuals who provide intelligence, engineering, and mission management expertise for the Government. This program will maximize the effectiveness and efficiency of our country's most important missions both at home and abroad. If you are ready to support a high-performing team that truly makes a difference, then come join us!
Job Description:
The candidate will be responsible for security architecture and systems engineering supporting projects. The ISSO will provide guidance to the team to support system accreditation (IATT and ATO).
ISSO tasks include:
• Prepare system security plan (SSP) and provide recommendations to assist in obtaining ATOs.
• Identify, develop (either directly, or in coordination with applicable experts), review and incorporate common artifacts found in an RMF accreditation package such as: system architecture and boundaries, hardware and software lists, risk assessment reports, POA&Ms, data flows, and other necessary system, network, and application documentation.
• Work with ISSM and DAOs to ensure systems obtain and maintain accreditation.
• Verify package submissions have met the threshold for approval such as: C&A Package for System Reauthorization, SAR Findings, CTO's, POA&Ms, and System Security Plans (SSPs).
• Apply continuous monitoring techniques to evaluate the systems security posture.
• Create tasking for developers and system administrators as changes and patching are required.
• Oversee the implementation of software patches to maintain the security posture of the organization.
• Responsible for implementing, and enforcing information systems security policies, standards, and methodologies.
• Familiarity with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus) necessary to identify and document compliance.
• Review Audit Logs on a weekly basis.
• Perform Data transfers on a weekly basis driving from CACI Hanover Office to Ft. Meade.
• Maintain and report assessment and authorization statuses and issues in accordance with organizational guidance.
• Understand the PRIVAC process. Support personnel with new PRIVAC requests and extensions.
The Level 2 Information Systems Security Officer shall possess the following capabilities:
Qualifications:
Certifications Required:
Position requires active Security Clearance with appropriate Polygraph
Pay Range: 125,000-195,000
The RealmOne pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Our approach to crafting offers considers various factors to establish an equitable and competitive compensation package. These considerations include, but are not limited to, the extent and intricacy of the role's responsibilities, the candidate's educational background, their work experience, and the specific competencies crucial for success in the role.
RealmOne Benefits:
ABOUT US
We're an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
Job Description:
The candidate will be responsible for security architecture and systems engineering supporting projects. The ISSO will provide guidance to the team to support system accreditation (IATT and ATO).
ISSO tasks include:
• Prepare system security plan (SSP) and provide recommendations to assist in obtaining ATOs.
• Identify, develop (either directly, or in coordination with applicable experts), review and incorporate common artifacts found in an RMF accreditation package such as: system architecture and boundaries, hardware and software lists, risk assessment reports, POA&Ms, data flows, and other necessary system, network, and application documentation.
• Work with ISSM and DAOs to ensure systems obtain and maintain accreditation.
• Verify package submissions have met the threshold for approval such as: C&A Package for System Reauthorization, SAR Findings, CTO's, POA&Ms, and System Security Plans (SSPs).
• Apply continuous monitoring techniques to evaluate the systems security posture.
• Create tasking for developers and system administrators as changes and patching are required.
• Oversee the implementation of software patches to maintain the security posture of the organization.
• Responsible for implementing, and enforcing information systems security policies, standards, and methodologies.
• Familiarity with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus) necessary to identify and document compliance.
• Review Audit Logs on a weekly basis.
• Perform Data transfers on a weekly basis driving from CACI Hanover Office to Ft. Meade.
• Maintain and report assessment and authorization statuses and issues in accordance with organizational guidance.
• Understand the PRIVAC process. Support personnel with new PRIVAC requests and extensions.
The Level 2 Information Systems Security Officer shall possess the following capabilities:
- Experience with:
- The ICD 503/NIST 800-53 certification and accreditation process
- The Risk Management Framework
- Developing and maintaining SSPs
- IAVA review and handling
- Interpreting Security Scan results
- Interfacing with System Administrators and Software Engineers
- Task tracking systems (e.g. Jira, Redmine, ServiceNow)
- Understands:
- Public Key Infrastructure-based authentication
- A variety of security policies, especially within the IC
- fundamentals of technical security risk assessment
- Understands how to perform analysis of alternatives
- Able to clearly communicate ideas and status updates to management and other stakeholders.
Qualifications:
- Bachelor's degree in Computer Science or related discipline from an accredited college or university
- Ten (10) years experience as an ISSO on programs and contracts of similar scope, type, and complexity is required. Four (4) years of additional experience as an ISSO may be substituted for a bachelor's degree.
- Experience is to include at least two (2) of the following areas:
- Knowledge of current security tools
- Hardware/software security implementation
- Communication protocols
- Encryption techniques/tools.
Certifications Required:
- This position has been designated as requiring CWIP certification and requires one of the following baseline certifications to qualify
- CAP, CND, Cloud+, GSLC, Security+ CE, HCISPP
Position requires active Security Clearance with appropriate Polygraph
Pay Range: 125,000-195,000
The RealmOne pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Our approach to crafting offers considers various factors to establish an equitable and competitive compensation package. These considerations include, but are not limited to, the extent and intricacy of the role's responsibilities, the candidate's educational background, their work experience, and the specific competencies crucial for success in the role.
RealmOne Benefits:
- Healthcare Coverage + Insurance: Medical: Three (3) rich healthcare options through CareFirst with 100% or majority company-paid premiums. Tax-advantaged health savings account available with generous employer contribution. Dental + Vision: 100% employer-paid for employees and family with buy-up option available.
- Retirement + Savings: 401K - 10% TOTAL CONTRIBUTION - 5% safe harbor - 5% annual profit share (both immediately vested!).
- Paid Time Off + More: 4 weeks starting PTO - 11 federal holidays + 2 floating holidays - Paid hours for company-required training.
- Career Growth + Development: Access to FREE 24/7 learning via Udemy - Opportunities to participate in tech councils, industry initiatives, etc. - $7,500 annual Educational & Professional Development Assistance.
- MORE BENEFITS...FOR EVERY LIFESTYLE! - Paid parental leave - Adoption assistance - Annual swag drops - Flexible work schedules - -Generous referral bonus program - Employee appreciation + family-friendly corporate events ...and much more.
ABOUT US
- RealmOne is a mid-sized science and technology company dedicated to solving our customers' toughest mission challenges.
- Headquartered in Columbia, MD., RealmOne supplies advanced cybersecurity, data science and software engineering services and products to customers in the Government and commercial sectors.
- RealmOne delivers encompassing mission assurance and critical systems support to government customers across various U.S. locations to include Colorado, Georgia, Hawaii, Texas, Utah, and Virginia.
- RealmOne has won numerous awards, to include Top Workplaces by the Baltimore Sun. Across more than 20 prime contracts, RealmOne is a premiere innovator for the Government and Department of Defense, and our team is located across the United States.
We're an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
group id: 91087096
