Information System Security Officer II
Location: Centennial, CO.
Required Clearance: Top Secret/SCI with CI Poly
U.S. Citizenship Mandatory: Due to our U.S. federal government contract, candidates for this position are required to be U.S. citizens and will be subject to a background investigation.
Job Description:
We are seeking a highly skilled and experienced Information Systems Security Officer (ISSO) with a strong emphasis on the Risk Management Framework (RMF). The ISSO will be responsible for ensuring the security and integrity of our information systems by implementing and managing security measures in accordance with RMF guidelines. The ideal candidate will have a deep understanding of RMF processes, cybersecurity principles, and compliance requirements.
Job Responsibilities:
- Develop, implement, and maintain security policies, procedures, and controls in accordance with RMF guidelines.
- Conduct risk assessments to identify potential security threats and vulnerabilities.
- Develop and maintain System Security Plans (SSPs) and other required documentation.
- Ensure compliance with federal, state, and organizational security regulations and standards.
- Perform continuous monitoring of information systems to detect and respond to security incidents.
- Collaborate with system owners, administrators, and other stakeholders to ensure security controls are effectively implemented.
- Conduct security control assessments and audits to evaluate the effectiveness of security measures.
- Provide guidance and support for the development and implementation of security controls.
- Prepare and present security status reports to management and other stakeholders.
- Stay current with emerging security trends, threats, and technologies.
Required Skills:
- Bachelor's degree in a related field (or equivalent work experience in lieu of degree).
- Typically 2+ years of related experience.
- Certifications (1 or more required): GIAC (Global Information Assurance Certification), network technology certifications such as CCNP (Cisco Certified Network Professional), or SANS level 200 courses.
- Knowledge of secure software development.
- Knowledge of cyber supply chain threat monitoring.
Desired Skills:
- In-depth knowledge of RMF processes, NIST SP 800-37, NIST SP 800-53, and other relevant standards.
- Experience with security assessment and authorization (A&A) processes.
- Strong understanding of cybersecurity principles, including risk management, incident response, and vulnerability management.
- Relevant certifications such as CISSP, CISM, CAP, or similar are highly desirable.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work independently and as part of a team in a fast-paced environment.
ITEC is a wholly owned subsidiary of ManpowerGroup Public Sector.