Today
Public Trust
Unspecified
Unspecified
IT - Security
Washington, DC (On-Site/Office)
Description:
Post Quantum Crypto ISSO
OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.
Responsibilities and Duties:
• Serves as the IT security POC (ISSO) for assigned systems to ensure agency information systems comply with FISMA OMB and agency Policies.
• Research assigned IT security systems to provide insight into IT security architectures and IT security recommendations for assigned systems.
• Schedule and co-lead screen-sharing sessions with engineering support and system stakeholders to gain a full understanding of a system's technology stack
• Oversee and manage relationships with vendors for assigned contractor-owned and contractor-operated systems, ensuring vendors comply with agency security and privacy requirements.
• Assist stakeholders with IT security-related activities to ensure project deadlines are met.
• Provides audit support by developing the appropriate responses to audit questionnaires and remediation recommendations of audit report findings.
• Ensure security activities and change management tasks are implemented throughout the SDLC from beginning to end.
• Ensure all systems are operated, maintained, and disposed of IAW documented security policies and procedures, including but not limited to Assessment & Authorization (A&A).
• Support the development and maintenance of all security documentation such as the System Security Plan, Privacy Impact Assessment, Configuration Management Plan, Contingency Plan, Contingency Plan Test Report, POA&M, annual FISMA assessment, and incident reports.
• Coordinates with appropriate stakeholders and system owners to ensure all NIST 800-53 controls are properly implemented and assessed during the steps of the ATO lifecycle
• Report and respond to security incidents.
• Assess vulnerabilities to ascertain if additional safeguards are needed and ensure systems are patched, and security hardened at all levels of the "stack," and monitor to see that vulnerabilities are remediated as appropriate.
Requirements:
Required Qualifications & Education:
• Must have one of the following active certifications: CISSP, CISA, CISM, CCSP, CAP / CGRC
• A minimum of three (3) years of technical experience in defining security program requirements or processes for the protection of sensitive or classified information. Competent to work in most phases of network, systems or application information assurance.
• A minimum of three (3) years of experience performing functions and responsibilities as an ISSO or ISSM for systems that at least have a Moderate FIPS 199 categorization
• Bachelor's degree in Computer Science, Information Systems, Mathematics, Engineering, or related degree or an additional two (2) years of relevant experience.
• Intermediate to advanced knowledge of Systems and Communications Protection security control implementation.
• Have detailed knowledge of NIST Policies, Governance, Security Planning and Architecture, FISMA Compliance, RMF, Incident Analysis, and General Security Best Practices.
• Possess strong written and oral communication skills to support customers, internal stakeholders, peers, and public audiences.
• Ability to communicate, both written and oral, to both technical and non-technical stakeholders.
• Good understanding of and experience with applying FISMA and NIST Cybersecurity framework and requirements.
• Experience in developing Information Security policies and procedures.
Clearance and Location Requirements:
• Ability to obtain a Public Trust clearance is required.
• This role is currently fully remote.
Salary: A generous compensation package commensurate with experience and education.
Benefits:
Benefits:
OCT offers competitive compensation packages and a full suite of benefits which includes:
OCT Consulting LLC is a minority-owned, Small Disadvantaged Business (SDB) providing professional services and information technology solutions to the Federal government and commercial clients. Founded in 2013, we bring the advantage of agility in operations along with a management team with a track record of leading successful engagements at major Federal government agencies.
At OCT, we are committed to ensuring equal opportunity for all individuals, recognizing that merit and qualifications are the foundation of our hiring, promotion, and development practices. We believe in creating a work environment where employees can thrive based on their abilities, skills, and achievements. Our practices ensure fair treatment and equal access to opportunities for all, regardless of race, ethnicity, gender, sexual orientation, age, abilities, or other personal characteristics. We are dedicated to providing career growth and professional development based on individual merit and fostering a workplace where everyone's contributions are valued and recognized.
Post Quantum Crypto ISSO
OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.
Responsibilities and Duties:
• Serves as the IT security POC (ISSO) for assigned systems to ensure agency information systems comply with FISMA OMB and agency Policies.
• Research assigned IT security systems to provide insight into IT security architectures and IT security recommendations for assigned systems.
• Schedule and co-lead screen-sharing sessions with engineering support and system stakeholders to gain a full understanding of a system's technology stack
• Oversee and manage relationships with vendors for assigned contractor-owned and contractor-operated systems, ensuring vendors comply with agency security and privacy requirements.
• Assist stakeholders with IT security-related activities to ensure project deadlines are met.
• Provides audit support by developing the appropriate responses to audit questionnaires and remediation recommendations of audit report findings.
• Ensure security activities and change management tasks are implemented throughout the SDLC from beginning to end.
• Ensure all systems are operated, maintained, and disposed of IAW documented security policies and procedures, including but not limited to Assessment & Authorization (A&A).
• Support the development and maintenance of all security documentation such as the System Security Plan, Privacy Impact Assessment, Configuration Management Plan, Contingency Plan, Contingency Plan Test Report, POA&M, annual FISMA assessment, and incident reports.
• Coordinates with appropriate stakeholders and system owners to ensure all NIST 800-53 controls are properly implemented and assessed during the steps of the ATO lifecycle
• Report and respond to security incidents.
• Assess vulnerabilities to ascertain if additional safeguards are needed and ensure systems are patched, and security hardened at all levels of the "stack," and monitor to see that vulnerabilities are remediated as appropriate.
Requirements:
Required Qualifications & Education:
• Must have one of the following active certifications: CISSP, CISA, CISM, CCSP, CAP / CGRC
• A minimum of three (3) years of technical experience in defining security program requirements or processes for the protection of sensitive or classified information. Competent to work in most phases of network, systems or application information assurance.
• A minimum of three (3) years of experience performing functions and responsibilities as an ISSO or ISSM for systems that at least have a Moderate FIPS 199 categorization
• Bachelor's degree in Computer Science, Information Systems, Mathematics, Engineering, or related degree or an additional two (2) years of relevant experience.
• Intermediate to advanced knowledge of Systems and Communications Protection security control implementation.
• Have detailed knowledge of NIST Policies, Governance, Security Planning and Architecture, FISMA Compliance, RMF, Incident Analysis, and General Security Best Practices.
• Possess strong written and oral communication skills to support customers, internal stakeholders, peers, and public audiences.
• Ability to communicate, both written and oral, to both technical and non-technical stakeholders.
• Good understanding of and experience with applying FISMA and NIST Cybersecurity framework and requirements.
• Experience in developing Information Security policies and procedures.
Clearance and Location Requirements:
• Ability to obtain a Public Trust clearance is required.
• This role is currently fully remote.
Salary: A generous compensation package commensurate with experience and education.
Benefits:
Benefits:
OCT offers competitive compensation packages and a full suite of benefits which includes:
- Medical, Dental, and Vision insurance
- Retirement savings 401K plan provided by an industry leading provider with 3% employer contributions of the employee's gross salary
- Paid Time Off and Standard Government Holidays
- Life Insurance, Short- and Long-Term disability benefits
- Training Benefits
OCT Consulting LLC is a minority-owned, Small Disadvantaged Business (SDB) providing professional services and information technology solutions to the Federal government and commercial clients. Founded in 2013, we bring the advantage of agility in operations along with a management team with a track record of leading successful engagements at major Federal government agencies.
At OCT, we are committed to ensuring equal opportunity for all individuals, recognizing that merit and qualifications are the foundation of our hiring, promotion, and development practices. We believe in creating a work environment where employees can thrive based on their abilities, skills, and achievements. Our practices ensure fair treatment and equal access to opportunities for all, regardless of race, ethnicity, gender, sexual orientation, age, abilities, or other personal characteristics. We are dedicated to providing career growth and professional development based on individual merit and fostering a workplace where everyone's contributions are valued and recognized.
group id: 91130748
