Today
Secret
Unspecified
Unspecified
IT - Security
Linthicum, MD (On-Site/Office)
Job Description:
DC3 Position: Information Systems Security Officer (ISSO)
Client II LCAT: Senior Information Security Analyst, 273
Location: DC3, Linthicum Heights, MD (on-site)
Education/Experience Requirements: Bachelor's degree and 8+ years of experience, or Master's Degree and 6+ years of experience, or PhD and 3+ years of experience. A degree should be within one of the following fields: Information Technology, Computer Science, Cybersecurity, Information Systems, Data Science, or Software Engineering. However, an additional 4 years of relevant experience may be considered in lieu of a Bachelor's degree.
Clearance Requirement: Minimum active Secret clearance.
Certification Requirement: Active Security+ Certification.
Description:
Seeking an Information Systems Security Officer (ISSO) with a proven track record of DevSecOps success to include a combination of technical skills, communication skills, and cybersecurity skills. The successful candidate will be responsible for ensuring the implementation and maintenance of security controls in accordance with RMF v5, managing ATO packages, drafting security documentation including Operating Procedures, Cybersecurity Strategy (CSS), System Security Plans (SSP) ATO packages as well as System Security and Privacy Plan (SSPP) in accordance with DoD policies, Department of Airforce (DAF) regulations and our Federal Government customer's guidance.
The candidate must have expert knowledge and demonstrated experience with cybersecurity technologies, risk management, and incident response procedures as well as have a solid working understanding of computer functions, including hardware, software, and operating systems. This includes knowledge of Windows, Unix, and Linux operating systems, along with other applications such as databases, web servers, networking technologies, including routing, switching, and VPNs.
The ISSO must be able to work autonomously, manage their workload effectively, shift priorities with little to no loss of productivity and communicate effectively with technical and non-technical personnel.
Required Qualifications:
• Well-versed in best practices for cyber security program standards, processes, and procedures compliance, industry-standard security frameworks and demonstrated expert working knowledge of NIST Special Publication (SP) 800-53: Recommended Security Controls for Federal Information Systems, NIST SP 800-53A: Guide for Assessing the Security Controls in Federal Information Systems, AFPD 17-1 and AFI 17-130, Cybersecurity Program Management.
• Ability writing security policies and procedures, CSS, SSP, SSPP, and assess all ATO package artifacts.
• Expert knowledge of Risk Management Framework (RMF) v5 (Processes, workflow, etc.).
• Ability to use eMASS to execute, RMF v5 to include document / update system status, identify, document, and manage implementation of operational and technical security controls, implementation and risk assessment tabs, non-compliant and non-validated controls, POAM management (entry, evidence, close-out), produce report and track Plan of Action and Milestone (POA&M) due dates, etc.
• The ability to complete a checklist to ensure Security Authorization Process documents are complete and comply with all guidance.
• Ability to work collaboratively with IT counterparts, communicate effectively (skilled in communicating complex technical information to non-technical audience) and coordinate STIG remediation with system administrators and developers.
• Ability to conduct risk assessments, monitor security Incidents and respond appropriately to Security Threats.
• Working understanding of network technology (includes knowledge of network protocols, TCP/IP), operating systems as well as the necessary security protocols, system details (Architecture, data flow, security cat, requirements, configuration management process/procedures, and user profile) firewalls, rules and configurations, intrusion detection tools and prevention systems, encryption techniques, Windows, Unix, and Linux) operating systems, along with other applications such as databases and web servers.
• Ability to execute tasks with little to no oversight or support as well as manage multiple, and at times, competing priorities without loss of productivity.
Desired Qualifications:
• Experience transitioning from RMF v4 to v5.
• Experience with cloud computing platforms such as AWS and Azure.
• Basic understanding of identity and access management system capabilities and configuration.
• Experience with TASKORDS, OPORDS, etc.
• Experience leading Cybersecurity (ISSO & ISSE) teams.
Regards,
Samson Chacko
Federal Staffing Specialist
Cell/ Text : 973-394-3928
Email: Samson.chacko@artech.com
LinkedIn: linkedin.com/in/samson-chacko
DC3 Position: Information Systems Security Officer (ISSO)
Client II LCAT: Senior Information Security Analyst, 273
Location: DC3, Linthicum Heights, MD (on-site)
Education/Experience Requirements: Bachelor's degree and 8+ years of experience, or Master's Degree and 6+ years of experience, or PhD and 3+ years of experience. A degree should be within one of the following fields: Information Technology, Computer Science, Cybersecurity, Information Systems, Data Science, or Software Engineering. However, an additional 4 years of relevant experience may be considered in lieu of a Bachelor's degree.
Clearance Requirement: Minimum active Secret clearance.
Certification Requirement: Active Security+ Certification.
Description:
Seeking an Information Systems Security Officer (ISSO) with a proven track record of DevSecOps success to include a combination of technical skills, communication skills, and cybersecurity skills. The successful candidate will be responsible for ensuring the implementation and maintenance of security controls in accordance with RMF v5, managing ATO packages, drafting security documentation including Operating Procedures, Cybersecurity Strategy (CSS), System Security Plans (SSP) ATO packages as well as System Security and Privacy Plan (SSPP) in accordance with DoD policies, Department of Airforce (DAF) regulations and our Federal Government customer's guidance.
The candidate must have expert knowledge and demonstrated experience with cybersecurity technologies, risk management, and incident response procedures as well as have a solid working understanding of computer functions, including hardware, software, and operating systems. This includes knowledge of Windows, Unix, and Linux operating systems, along with other applications such as databases, web servers, networking technologies, including routing, switching, and VPNs.
The ISSO must be able to work autonomously, manage their workload effectively, shift priorities with little to no loss of productivity and communicate effectively with technical and non-technical personnel.
Required Qualifications:
• Well-versed in best practices for cyber security program standards, processes, and procedures compliance, industry-standard security frameworks and demonstrated expert working knowledge of NIST Special Publication (SP) 800-53: Recommended Security Controls for Federal Information Systems, NIST SP 800-53A: Guide for Assessing the Security Controls in Federal Information Systems, AFPD 17-1 and AFI 17-130, Cybersecurity Program Management.
• Ability writing security policies and procedures, CSS, SSP, SSPP, and assess all ATO package artifacts.
• Expert knowledge of Risk Management Framework (RMF) v5 (Processes, workflow, etc.).
• Ability to use eMASS to execute, RMF v5 to include document / update system status, identify, document, and manage implementation of operational and technical security controls, implementation and risk assessment tabs, non-compliant and non-validated controls, POAM management (entry, evidence, close-out), produce report and track Plan of Action and Milestone (POA&M) due dates, etc.
• The ability to complete a checklist to ensure Security Authorization Process documents are complete and comply with all guidance.
• Ability to work collaboratively with IT counterparts, communicate effectively (skilled in communicating complex technical information to non-technical audience) and coordinate STIG remediation with system administrators and developers.
• Ability to conduct risk assessments, monitor security Incidents and respond appropriately to Security Threats.
• Working understanding of network technology (includes knowledge of network protocols, TCP/IP), operating systems as well as the necessary security protocols, system details (Architecture, data flow, security cat, requirements, configuration management process/procedures, and user profile) firewalls, rules and configurations, intrusion detection tools and prevention systems, encryption techniques, Windows, Unix, and Linux) operating systems, along with other applications such as databases and web servers.
• Ability to execute tasks with little to no oversight or support as well as manage multiple, and at times, competing priorities without loss of productivity.
Desired Qualifications:
• Experience transitioning from RMF v4 to v5.
• Experience with cloud computing platforms such as AWS and Azure.
• Basic understanding of identity and access management system capabilities and configuration.
• Experience with TASKORDS, OPORDS, etc.
• Experience leading Cybersecurity (ISSO & ISSE) teams.
Regards,
Samson Chacko
Federal Staffing Specialist
Cell/ Text : 973-394-3928
Email: Samson.chacko@artech.com
LinkedIn: linkedin.com/in/samson-chacko
group id: artech
