Information System Security Advisor

Title: Information System Security Advisor


Location: Reston, VA


Clearance: TS/SCI with the ability to obtain and maintain a CI polygraph

Responsibilities:

• Perform duties similar to an Information System Security Officer, but in a broader advisory and oversight capacity across multiple projects


• Provide cybersecurity, accreditation, documentation, and security status advisory support across multiple IT initiatives


• Assist project teams in understanding security documentation requirements, track cybersecurity status, identify outstanding accreditation actions, monitor control implementation needs, support STIG and vulnerability management visibility, and coordinate security-related reporting


• Provide centralized security visibility, documentation guidance, and project-level security reporting support for initiatives managed or monitored through the SEC PMA


• Support multiple concurrent projects, each with its own security posture, documentation requirements, control implementation needs, assessment activities, and reporting rhythm


• Provide recurring security status inputs for PMA reporting, to include outstanding documentation requirements, number and status of controls requiring implementation, STIG activity status, open findings, risk items, supply chain risk management applications, certification status, and upcoming cybersecurity milestones


• Work closely with the team to ensure security activities are represented in project schedules, risk logs, issue logs, dependency trackers, and weekly status reports


• Identify cybersecurity risks, documentation gaps, accreditation dependencies, control implementation issues, and security-related blockers that may affect project delivery


• Coordinate with project management, system owners, ISSOs, ISSMs, cybersecurity personnel, developers, infrastructure teams, data owners, external contractors, and government stakeholders

Requirements:

• Bachelor's degree in a technical discipline with at least four (4) years of directly related experience


• Experience supporting information system security, cybersecurity documentation, accreditation, compliance, or risk management activities in a Federal, DoD, Intelligence Community, or similarly regulated environment


• Must be familiar with RMF processes and able to support accreditation documentation, authorization package development, security artifact tracking, control implementation evidence, POA&M tracking, and related cybersecurity documentation activities


• Experience using XACTA 360 to support RMF, accreditation, security control implementation tracking, artifact management, assessment workflows, POA&M tracking, or authorization package development is strongly preferred


• The ability to identify, track, and guide required security documentation for IT projects, systems, applications, data sharing arrangements, and modernization activities


• Experience providing recurring security status reporting across multiple projects, including outstanding documentation requirements, assessment status, control implementation progress, STIG status, vulnerability remediation status, supply chain risk management status, and certification or accreditation dependencies


• Understand how to track security controls, control implementation status, evidence requirements, open findings, and remediation actions


• Familiar with STIGs, vulnerability scanning, remediation tracking, and the documentation needed to support security review activities


• Knowledge of SCRM concepts, application review requirements, software approval considerations, and certification or documentation needs associated with software and system components


• A current Security + certification


• Current, active TS/SCI clearance, with the ability to obtain and maintain a CI polygraph

Equal Opportunity Employer/Veterans/Disabled