Today
Top Secret
Unspecified
Unspecified
wv, WV (On-Site/Office)
Marathon TS is seeking a highly skilled Information System Security Officer (ISSO) to serve as the principal advisor to the Information System Owner (SO), Business Process Owner, and the Chief Information Security Officer (CISO)/Information System Security Manager (ISSM) on all aspects of information system security. The ISSO will be responsible for implementing and maintaining effective cybersecurity controls to ensure the confidentiality, integrity, and availability of federal information systems.
Key Responsibilities:
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status ").
#CJJOBS
Key Responsibilities:
- Advise stakeholders, including the System Owner and CISO/ISSM, on technical and policy-related security matters.
- Ensure implementation and ongoing maintenance of NIST-compliant security controls.
- Direct and enforce controls and procedures to protect information system assets against unauthorized modification, disclosure, or destruction.
- Provide guidance on physical and logical protection of information systems to relevant organizational units.
- Assist in preparing and maintaining system security documentation as part of the Authority to Operate (ATO) process, including:
- System Security Plans (SSPs)
- Contingency Plans
- Plan of Action and Milestones (POA&Ms)
- System Security Plans (SSPs)
- Conduct network self-inspections and assessments to ensure compliance.
- Analyze vulnerability data and document mitigation steps into the system of record.
- Collaborate with development and operations teams in CI/CD environments to maintain security best practices.
- Stay current with cybersecurity standards and practices including:
- National Institute for Standards and Technology (NIST)
- Defense Information Systems Agency (DISA)
- OWASP
- Common Criteria
- SANS Institute
- National Institute for Standards and Technology (NIST)
- Demonstrated experience supporting security practices within federal and/or state government environments.
- Prior technical hands-on experience in one or more of the following areas: networking, system administration, or software development.
- Experience working in Scaled Agile Framework (SAFe) development environments.
- Strong knowledge of virtualization, software-defined infrastructure, and cloud technologies.
- Familiarity with Continuous Integration/Continuous Delivery (CI/CD) pipelines.
- Excellent documentation, analytical, and communication skills.
- Relevant certifications such as CISSP, CISM, CEH, Security+, or equivalent.
- Experience with RMF (Risk Management Framework) and FISMA compliance.
- Working knowledge of tools used for vulnerability management, system scanning, and SIEM.
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status ").
#CJJOBS
group id: 10362312
