Posted today
Top Secret/SCI
Unspecified
Unspecified
IT - Security
Tampa, FL (On-Site/Office)
Job Description
Why Choose GRVTY
GRVTY started with a simple, American idea: we do things not because they are easy but because they are hard. GRVTY exists to answer challenges. We do it for customers in defense, intelligence, homeland security-anyone whose job it is to advance America's strategic position. The size of the challenge we face demands new skills, new backgrounds, and new thinking. That's what we're here to deliver. And when you work shoulder to shoulder with brilliant people tackling the most high-stakes challenges, it's invigorating. Our culture is built on collaboration, mission-focused innovation, and a commitment to excellence, where every challenge we answer opens the door to a new possibility.
The toughest national security challenges demand vision and ingenuity, not just resources. We deliver mission and technical expertise to outpace our adversaries. We're purpose-built to tackle the most entrenched, systemic national security issues around the world.
We partner with our customers to help them overcome challenges in every corner of technology and defense-including the ones still being explored. Our growing capabilities create complementary advantages, giving on-the-ground operations the edge they need to succeed. We muster everything we have to answer every challenge presented, every day of our lives.
At GRVTY we believe that when our employees thrive, our company thrives. That's why we offer a comprehensive and competitive benefits package designed to support your well-being, growth, and work-life balance.
• Robust health plan including medical, dental, and vision
• Health Savings Account with company contribution
• Annual Paid Time Off and Paid Holidays
• Paid Parental Leave
• 401k with generous company match
• Training and Development Opportunities
• Award Programs
• Variety of Company Sponsored Events
As an ISSO you will develop and coordinate all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment
Required Skills
• Bachelor's Degree in Computer Science or related technical discipline, or the equivalent combination of education, technical certifications or training, and work experience
• 8+ years' experience performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful certification and accreditation or security authorization of such systems.
• 8+ years' experience assessing and enhancing IT systems security policies and procedures in response to the regulatory requirements associated with Federal and International standards.
• 8+ years IT Security experience with extensive knowledge in security regulations and security assessments having developed numerous security C&A (or SA&A) and ATO on a range of systems including classified systems
• Strong working knowledge with NIST Special Publications and the NIST SP 800-37 SA using CSAM system
• TS/SCI clearance required and eligibility to obtain/maintain a CI Poly
• Current certification in one or more of the following IT Security disciplines:
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Security Manager (CISM)
- Certified in Governance of Enterprise IT(CGEIT)
- Certified Information Systems Security Professional (CISSP)
- Certified Authorization Professional (CAP)
EEO Statement
GRVTY is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran and will not be discriminated against on the basis of disability.
Anyone requiring reasonable accommodations should email recruiting@grvty.com or call 703-544-7930 with requested details. A member of the HR team will respond to your request within 2 business days.
About Royce Geo
Established in 2015, Royce Geo has quickly evolved into a well-rounded, diverse, small business tackling some of the most complex issues for our Defense and Intelligence Community clients. We are an award-winning small business firm, providing vital support to our mission partners across four core areas: Geospatial Information Technology, Data Analytics, Intelligence, and Training.
Our team members are highly skilled subject matter experts, who listen and partner with our clients to accomplish the mission. We own the problem and find the solution while upholding the highest standards-to exceed expectations. We take risks and challenge the status quo to deliver innovative and cutting-edge solutions.
Our employee-centric company culture is everything. Even while we grow, our small company mentality continues to exist. We demand inspiration from our leadership, and accountability from all so that we can influence others through our actions. This is Royce Geo.
Why Choose GRVTY
GRVTY started with a simple, American idea: we do things not because they are easy but because they are hard. GRVTY exists to answer challenges. We do it for customers in defense, intelligence, homeland security-anyone whose job it is to advance America's strategic position. The size of the challenge we face demands new skills, new backgrounds, and new thinking. That's what we're here to deliver. And when you work shoulder to shoulder with brilliant people tackling the most high-stakes challenges, it's invigorating. Our culture is built on collaboration, mission-focused innovation, and a commitment to excellence, where every challenge we answer opens the door to a new possibility.
The toughest national security challenges demand vision and ingenuity, not just resources. We deliver mission and technical expertise to outpace our adversaries. We're purpose-built to tackle the most entrenched, systemic national security issues around the world.
We partner with our customers to help them overcome challenges in every corner of technology and defense-including the ones still being explored. Our growing capabilities create complementary advantages, giving on-the-ground operations the edge they need to succeed. We muster everything we have to answer every challenge presented, every day of our lives.
At GRVTY we believe that when our employees thrive, our company thrives. That's why we offer a comprehensive and competitive benefits package designed to support your well-being, growth, and work-life balance.
• Robust health plan including medical, dental, and vision
• Health Savings Account with company contribution
• Annual Paid Time Off and Paid Holidays
• Paid Parental Leave
• 401k with generous company match
• Training and Development Opportunities
• Award Programs
• Variety of Company Sponsored Events
As an ISSO you will develop and coordinate all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment
- Support the control assessment, reporting and monitoring processes using the Cyber Security and Assessment Management (CSAM) system
- Assist the component with staying on track with Core Controls and A-123 control assessment schedules
- Work with components to ensure each Risk Based Decisions (RBD's) has a current Waivers.
- Coordinate with CSS Customer Liaison support, including status of the process and POA&Ms.
- Support and document security controls tests, assist in remediation and ensure that POA&Ms are being appropriately managed.
- Develop or update the Business Continuity and Contingency Plan for the component.
- Assist the components with decisions that affect security of their systems and networks.
- Facilitate preparations for the tri-annual Security Assessment and Authorization (SA&A) component's Information System.
- Conduct assessments of information systems security requirements, evaluate current security posture and recommend priorities for remediation.
- Review information system infrastructure and application architecture to assess security requirements
- Review existing SA&A documentation, Security Assessment Report and security infrastructure (i.e. IDS, firewalls, vulnerability scan tools, etc.)
- Assess NIST 800-53, Rev 4. Control and document results
- Evaluate and strengthen standard SA&A Documentation
- Perform and document risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities;
- Based on the risk profile of the analyzed systems, development and documentation of a Plan of Action and Milestones (POA&M) for mitigating those risks;
- Design and development of comprehensive Systems Security Plan, covering at a high level the infrastructure, policies and procedures which define the systems security profile for the analyzed systems;
- Development of Systems Security Users Guides specific to selected networks, desktop computers, servers and data base systems; Design, development, and validation of System Test and Evaluation (ST&E) reviews for new and/or legacy systems.
- Review and conduct NIST-based Self Assessments, identifying any weaknesses which need to be addressed, and developing a POA&M for each of those weaknesses based on industry best practices.
- Design and development of Initial Privacy Assessment (IPA) and Privacy Impact Assessments (PIAs) for each major Federal Government IT Systems Developing and conducting System Test and Evaluations (ST&Es) and Independent Verification and Validation (IV&Vs) of the security profiles of Federal Government IT Systems
- Conduct OMB A-123 security assessments of Federal Government IT Systems.
Required Skills
• Bachelor's Degree in Computer Science or related technical discipline, or the equivalent combination of education, technical certifications or training, and work experience
• 8+ years' experience performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful certification and accreditation or security authorization of such systems.
• 8+ years' experience assessing and enhancing IT systems security policies and procedures in response to the regulatory requirements associated with Federal and International standards.
• 8+ years IT Security experience with extensive knowledge in security regulations and security assessments having developed numerous security C&A (or SA&A) and ATO on a range of systems including classified systems
• Strong working knowledge with NIST Special Publications and the NIST SP 800-37 SA using CSAM system
• TS/SCI clearance required and eligibility to obtain/maintain a CI Poly
• Current certification in one or more of the following IT Security disciplines:
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Security Manager (CISM)
- Certified in Governance of Enterprise IT(CGEIT)
- Certified Information Systems Security Professional (CISSP)
- Certified Authorization Professional (CAP)
EEO Statement
GRVTY is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran and will not be discriminated against on the basis of disability.
Anyone requiring reasonable accommodations should email recruiting@grvty.com or call 703-544-7930 with requested details. A member of the HR team will respond to your request within 2 business days.
About Royce Geo
Established in 2015, Royce Geo has quickly evolved into a well-rounded, diverse, small business tackling some of the most complex issues for our Defense and Intelligence Community clients. We are an award-winning small business firm, providing vital support to our mission partners across four core areas: Geospatial Information Technology, Data Analytics, Intelligence, and Training.
Our team members are highly skilled subject matter experts, who listen and partner with our clients to accomplish the mission. We own the problem and find the solution while upholding the highest standards-to exceed expectations. We take risks and challenge the status quo to deliver innovative and cutting-edge solutions.
Our employee-centric company culture is everything. Even while we grow, our small company mentality continues to exist. We demand inspiration from our leadership, and accountability from all so that we can influence others through our actions. This is Royce Geo.
group id: 90883154
