Overview

Abile Group has an exciting and challenging opportunity for an Information Systems Security Officer (ISSO) supporting an Intelligence Community Customer. 

The right candidate will possess the below skills and qualifications and be ready to handle all responsibilities independently and professionally.

Responsibilities

• Develops and coordinates all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment
• Supports the control assessment, reporting and monitoring processes using the Cyber Security and Assessment Management (CSAM) system
• Assists the component with staying on track with Core Controls and A-123 control assessment schedules
• Works with components to ensure each Risk Based Decisions (RBD's) has a current Waivers.
• Coordinates with CSS Customer Liaison support, including status of the process and POA&Ms.
• Supports and documents security controls tests, assist in remediation and ensure that POA&Ms are being appropriately managed.
• Develops or updates the Business Continuity and Contingency Plan for the component.
• Assists the components with decisions that affect security of their systems and networks.
• Facilitates preparations for the tri-annual Security Assessment and Authorization (SA&A) component's Information System.
• Conducts assessments of information systems security requirements, evaluates current security posture and recommend priorities for remediation.
• Reviews information system infrastructure and application architecture to assess security requirements
• Reviews existing SA&A documentation, Security Assessment Report and security infrastructure (i.e. IDS, firewalls, vulnerability scan tools, etc.)
• Assesses NIST 800-53, Rev 4. Control and document results
• Evaluates and strengthens standard SA&A Documentation
• Performs and documents risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities;
• Based on the risk profile of the analyzed systems, development and documentation of a Plan of Action and Milestones (POA&M) for mitigating those risks;
• Designs and develops comprehensive Systems Security Plan, covering at a high level the infrastructure, policies and procedures which define the systems security profile for the analyzed systems;
• Develops Systems Security Users Guides specific to selected networks, desktop computers, servers and data base systems; Designs, develops, and validates System Test and Evaluation (ST&E) reviews for new and/or legacy systems.
• Reviews and conducts NIST-based Self Assessments, identifying any weaknesses which need to be addressed, and develops a POA&M for each of those weaknesses based on industry best practices.
• Designs and develops of Initial Privacy Assessment (IPA) and Privacy Impact Assessments (PIAs) for each major Federal Government IT Systems
• Develops and conducts System Test and Evaluations (ST&Es) and Independent Verification and Validation (IV&Vs) of the security profiles of Federal Government IT Systems
• Conducts OMB A-123 security assessments of Federal Government IT Systems.

Qualifications

Clearance Required: Active TS/SCI with eligibility to obtain/maintain a CI Poly

Degree and Years of Experience: Bachelor's Degree in Computer Science or related technical discipline, or the equivalent combination of education, technical certifications or training, and work experience

• 5 years' experience performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful certification and accreditation or security authorization of such systems.
• 5 years' experience assessing and enhancing IT systems security policies and procedures in response to the regulatory requirements associated with Federal and International standards.
• 5 years IT Security experience with extensive knowledge in security regulations and security assessments having developed numerous security C&A (or SA&A) and ATO on a range of systems including classified systems

Required Certifications:

• 8570 Complaint required, at a min IAT II within 6 months from hire date 
• Current certification in one or more of the following IT Security disciplines:

  • ISACA - Certified Information Systems Auditor (CISA)

  • ISACA - Certified in Risk and Information Systems Control (CRISC)

  • ISACA - Certified Information Security Manager (CISM)

Required Skills:

• Strong working knowledge with NIST Special Publications and the NIST SP 800-37 SA using CSAM system

About Abile Group, Inc.

Abile Group, Inc. was formed in July 2004 to partner with the Intelligence Community and their Contractors in the areas of Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. We have significant experience with the Federal Government and are an EDWOSB dedicated to our employees and clients. We are looking for high performing employees who enjoy providing advice and guidance along with solutions development and implementation support, crafted by combining industry best practices with the clients’ subject matter experience and Abile’s breadth of expertise. 

EEO Statement

Abile Group, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Anyone requiring reasonable accommodations should email careers@abilegroup.com with requested details. A member of the HR team will respond to your request within 2 business days. 

Please review our current job openings and apply for the positions you believe may be a fit. If you are not an immediate fit, we will also keep your resume in our database for future opportunities.