Job Requirements
Fort Meade, MD
Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries
Job Description
LightGrid is Hiring an Information Systems Security Officer (ISSO). ACTIVE SECRET is required.
Please Note: Must be able to Report to Fort Meade, MD a few times a week as needed.
The contractor shall perform Information Systems Security Manager and Information Systems Security Officer duties.
Key responsibilities include:
• Ensuring the EVS unclassified and classified VoIP systems remain compliant with all applicable DISA, Joint Force Head Quarters-DoD Information Network, and United States Cyber Command security policies and directives.
• Creating, maintaining, and updating security documentation and artifacts to obtain and sustain a DoD Authority to Operate (ATO) under the Risk Management Framework (RMF), including creating/managing Change Requests for new software.
• Reviewing and providing technical recommendations and mitigations based on results from Assured Compliance Assessment Solution (ACAS) scans, Cybersecurity Service Provider (CSSP), and Host Based Security System (HBSS) reports.
• Advising the Government on security matters in a continuous cycle throughout the project's period of performance.
• Developing and preparing all required RMF package documentation to obtain and maintain ATO, including system registration with the DoD Information Assurance Program, control categorization, and initiation of the CNSSI 1253 review.
• Facilitating the implementation and validation of assigned NIST 800-53 security controls and preparing the Security Assessment Report (SAR).
• Developing and managing Security Plans of Action and Milestones (POA&M) to document and track the status of corrective actions for NIST 800-53 controls.
• Providing Security Engineering Services to support the RMF lifecycle, addressing new customer requirements and system upgrades.
• Maintaining the Certification and Accreditation (C&A) of the program's automated information systems in accordance with DoD compliance standards.
• Responding and managing DISA Task Orders (DTOs) Security Plans of Action and Milestones (POA&M) to document and track the status of corrective actions for NIST 800-53 controls
• Manage updating CMRS, Axonius, MAPS/DITPR, SNAP
• Review STIGs for completion
• Weighing in on Implementation plans for CAB Approvals
Background and Education Required
Bachelor’s in Information Assurance, Information Technology, or Cybersecurity
CompTIA Security+ Required
7+ years with RMF, ATO, NIST 800-53 Rev. 4 & Rev. 5, POA&M, ACAS, STIGs, DoD security policies, eMASS.
• Work independently to manage and execute all assigned information assurance and security duties.
• Strong written and verbal communication skills are required to advise the government, prepare documentation, and coordinate with team members.
Please Note: Must be able to Report to Fort Meade, MD a few times a week as needed.
The contractor shall perform Information Systems Security Manager and Information Systems Security Officer duties.
Key responsibilities include:
• Ensuring the EVS unclassified and classified VoIP systems remain compliant with all applicable DISA, Joint Force Head Quarters-DoD Information Network, and United States Cyber Command security policies and directives.
• Creating, maintaining, and updating security documentation and artifacts to obtain and sustain a DoD Authority to Operate (ATO) under the Risk Management Framework (RMF), including creating/managing Change Requests for new software.
• Reviewing and providing technical recommendations and mitigations based on results from Assured Compliance Assessment Solution (ACAS) scans, Cybersecurity Service Provider (CSSP), and Host Based Security System (HBSS) reports.
• Advising the Government on security matters in a continuous cycle throughout the project's period of performance.
• Developing and preparing all required RMF package documentation to obtain and maintain ATO, including system registration with the DoD Information Assurance Program, control categorization, and initiation of the CNSSI 1253 review.
• Facilitating the implementation and validation of assigned NIST 800-53 security controls and preparing the Security Assessment Report (SAR).
• Developing and managing Security Plans of Action and Milestones (POA&M) to document and track the status of corrective actions for NIST 800-53 controls.
• Providing Security Engineering Services to support the RMF lifecycle, addressing new customer requirements and system upgrades.
• Maintaining the Certification and Accreditation (C&A) of the program's automated information systems in accordance with DoD compliance standards.
• Responding and managing DISA Task Orders (DTOs) Security Plans of Action and Milestones (POA&M) to document and track the status of corrective actions for NIST 800-53 controls
• Manage updating CMRS, Axonius, MAPS/DITPR, SNAP
• Review STIGs for completion
• Weighing in on Implementation plans for CAB Approvals
Background and Education Required
Bachelor’s in Information Assurance, Information Technology, or Cybersecurity
CompTIA Security+ Required
7+ years with RMF, ATO, NIST 800-53 Rev. 4 & Rev. 5, POA&M, ACAS, STIGs, DoD security policies, eMASS.
• Work independently to manage and execute all assigned information assurance and security duties.
• Strong written and verbal communication skills are required to advise the government, prepare documentation, and coordinate with team members.
group id: 91009852