Position Title: Information Systems Security Officer (ISSO) (Mid-level)

Security Clearance: Top Secret (verifiable in DISS)

Position Location: United States Naval Observatory (USNO), 3450 Massachusetts Avenue NW, Washington DC, 20392-5420 (Full-Time On-Site)

Employment Status: Independent Consultant/1099 (full-time)

Travel: N/A

Tentative Start Date: 2 to 4 weeks

Compensation/Hourly Rate: Negotiated during the final interview

Position Description: King Cyber LLC seeks a Mid-level Information Systems Security Officer (ISSO) to provide the United States Naval Observatory (USNO), Cybersecurity Division with information assurance support as a member of a Risk Management Framework (RMF) Team. The candidate should have expert knowledge of RMF accreditation packages and all steps of the RMF process. Additionally, the ISSO will support the Program Manager and collective team to develop project requirements and plans to ensure project success. Work collaboratively with other RMF Analysts, IT SMEs and System Administrators to conduct analysis, mitigation, remediation, and monitoring to ensure compliance with DoD policies, procedures, and regulations. The ISSO will guide efforts associated with obtaining and maintaining RMF Authorities to Operate (ATO) for systems within the customer’s multi-faceted network infrastructure, spanning multiple platforms residing on multiple security enclaves.

Job requirements (minimum):

• Provide Risk Management Framework (RMF) and Authorization and Accreditation (A&A) activities such as developing and maintaining systems Authority to Operate (ATO) package documentation.
• Configure systems, support Information System Security Manager (ISSM) to generate required Risk Management Framework (RMF) artifacts to obtain Authorization To Operate (ATO) for legacy networks.
• Reviews accreditation documentation such as Body of Evidence (BOE) and DOD Security Technical Implementation Guidance (STIG) compliance reviews.
• Provide data categorization guidance to system owners.
• Comprehensive knowledge performing and identifying impacts as well as consideration of existing risk mitigation strategies.
• Develop Plan of Action and Milestones (POA&M) based on the assessment results.
• Ensure traceability of all vulnerabilities from raw assessment results to the POA&M.
• Conducting required vulnerability analysis to support mitigation and residual risk determination.
• Support the continuous monitoring program as necessary when Information System Continuous Monitoring (ISCM) results will be used to support continuing authorization requirements or ongoing authorizations.
• Ability to work effectively independently as well as within a team environment. Must be able to develop and manage Information Security policies, procedures, and methodologies in accordance with Federal Information Security Management Act (FISMA), DoD Regulations, NIST Special Publications, other Federal laws & regulations, and direction from engagement leadership.

Required Qualifications:

• Top Secret Clearance required (verifiable in DISS)
• BA/BS college degree required
• Five (5) plus years of documented and relevant experience working in information systems management/ network security
• Experience working with RMF and NIST 800-53 (Rev 4/5)
• DOD 8570/8140 IAM II
• Experience running ACAS scans, SCAP scans and manually going through STIG checklists
• Very strong technical understanding of Windows and Linux platforms
• Experience with eMASS and Xacta repositories
• Experience taking IT and network system(s) through the ATO process

Job Types: Full-time, Contract

Schedule:

• Monday to Friday

Application Question(s):

• Can you briefly describe your experience relative to the minimum job requirements listed in the Position Description?
• Are you willing to work on-site in Washington, DC?

License/Certification:

• Do you have an ACTIVE Top Secret Clearance? (Required)

Ability to Relocate:

• Washington, DC 20392: Relocate before starting work (Required)

Work Location: In person