Job Description

As an Information Systems Security Officer (ISSO), your responsibilities will include:

• Managing all aspects of an organization's information security system, for classified and unclassified systems, including researching, testing, training and implementing programs designed to safeguard sensitive information from any possible breaches.
• Understanding the Risk Management Framework (RMF), and how risk management is executed, what risk means, and how to analyze it.
• Spearheading Authority to Operate (ATO) and/or Authority to Proceed (ATP) efforts while making independent recommendations to Government Leads during these processes.
• Conducting risk analysis from vulnerability and compliance scans, pen testing results, or other audit activity.
• Creating written works to include but not limited to Plan of Action and Milestones, System Security Plans, System Specific Policies and Procedures, Configuration Management Plans, Contingency Plans and Test Results, Business Impact Analyses, and Security Impact Analyses.
• Participating in Agile Planning Events to provide technical input.

Required Skills

Bachelor’s degree and 2 years' work experience or equivalent experience or 7 years related work experience, to include:

• TS//SCI with CI Polygraph
• Being a self-starter who’s able to work in both independent and team environments while building work relationships with SMEs across divisions. Additionally, must be comfortable with cyber security and able to brief issues to the customer.
• The ability to articulate and provide a true and accurate status update on government IT systems security posture as well as overall system health to the customer in a clear and concise manner.
• Experience executing the NIST Risk Management Framework (RMF) and applying security practices found in NIST publications. (i.e. SP 800-53, SP 800-30, SP 800-60, FIPS 199, FIPS 140-2, etc.)
• Experience documenting System Security Plans to include security control implementation statements.
• Experience conducting periodic reviews of implementation statements to ensure persistent compliance with applicable government and agency level policies in addition to ISO and NIST standards.
• Supporting the security assessment and authorization (or ATO) process.
• Analyzing testing results from scans, audits, penetration tests, or other test efforts to determine risk levels.
• Hands-on experience with vulnerability management tools such as Tenable Nessus and Security Center.
• Conducting Continuous Monitoring and maintaining the security posture of IT systems within on-prem, cloud, and hybrid environments.
• Knowledgeable on one or more cloud computing services and technologies including but not limited to: AWS, Microsoft Azure, VMware, etc.
• Familiarization with the Microsoft Office 365 Suite. (i.e. Word, PowerPoint, SharePoint, Excel, etc.)

Desired Skills

• Cyber program experience within federal customer space a plus!
• Familiarization with Scaled Agile Frameworks (SAFe), agile development principles, and DevSecOps methodologies are a plus!
• Experience with managing vulnerabilities on virtualized IT systems and assets or virtual machines (i.e. VDI and VMware.) is a plus!
• Experience with SAFe Agile tools like Jira, Jira Align, or ServiceNow.
• Certifications such as CISSP, CCSP, AWS, Microsoft Azure, CISA, CAP, and SAFe 6 are highly d

About WarCollar Industries

COVID-19 Vaccination Policy:

Prospective and/or new employees will be required to adhere to the customer’s vaccination policy.

About us:

WarCollar Industries, LLC is a veteran-owned small business. We maintain a team of cybersecurity experts committed to protecting complicated data and distribution systems and providing decision makers with the most accurate assessment of residual risk possible. We work with our clients to solve the toughest challenges in the ever-evolving digital landscape. Services include network defense, computer network attack, secure network design, penetration testing and vulnerability assessment. WarCollar enables its clients to find, fix, stop, and ultimately solve cybersecurity problems across their entire enterprise.

WarCollar offers generous benefits including: Medical insurance premium coverage; PTO based on billable hours; federal holidays plus your birthday; matching 401k, education reimbursement plus paid training days; performance bonuses; referral bonuses; government shutdown protection; monthly team building events plus two major social events annually.

WarCollar Industries, LLC is an equal opportunity employer. WarCollar does not discriminate in employment based upon race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, status as a protected military veteran, or other non-merit factor.