Information System Security Representative

Veteran Owned Firm Seeking an Information System Security Representative (ISSR) for an Onsite role in Washington, DC

My name is Stephen Hrutka, and I am the owner of a Veteran Owned management consulting firm in Washington, DC focused on Technical/Cleared Recruiting for the DoD and IC.

HRUCKUS helps other Veteran-Owned businesses recruit for positions across the VA, SBA, HHS, DARPA, and other cutting-edge R&D related defense agencies.

We seek to fill an Information System Security Representative (ISSR) position in Washington, DC.

The ideal candidate is a DMV-based professional with an active TS/SCI clearance and CI-Poly eligibility, at least 10 years of experience in a computer science or cybersecurity-related field, and a minimum of 7 years serving as an ISSR or in a similar role within a cleared facility. They should also be proficient with security tools such as Tenable Nessus/Security Center, IBM Guardium, HP WebInspect, NMAP, or comparable applications, and hold key certifications such as CISSP, CASP, or GISP.

If you’re interested, I'd be glad to provide more details about the role and further discuss your qualifications.

Thanks,

Stephen M Hrutka

Principal Consultant

HRUCKUS LLC

Executive Summary: HRUCKUS is looking for an experienced ISSR for an onsite role in Washington, DC. The program provides support in the areas of Cybersecurity and Management to improve the Information Assurance (IA) posture of a federal customer. The contract’s support functions are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.

Key Responsibilities:

• Ensure that ISs are operated, maintained, and disposed of in accordance with the internal security policies and practices outlined in the approved Security Assessment and Authorization (SAA) package
• Manage the SAA process for new FBI ISs and legacy ISs migrating into the GRC application
• Provide baseline security controls to the system owner, contingent upon the IS’s security categorization, type of information processed and entity type
• Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems’ impact levels and ISs’ authorization boundary
• Ensure that new entities are created in the GRC application with the security categorization of ISs
• Initiate, coordinate, and recommend to the Authorizing Official (AO) all Interconnection Security Agreement (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an agency IS with any non-agency or joint-use IS
• Perform an independent review of the System Security Plan (SSP) and make approval decisions
• Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the Authorizing Official (AO)
• Schedule security control assessments in coordination with the system owner.
• Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the Authorizing Official (AO) for a security ATO decision
• Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number
• Advise the Authorizing Official (AO) of IS vulnerabilities and residual risks.
• Ensure that all POA&M actions are completed and tested
• Coordinate initiation of an event-driven re-authorization with the Authorizing Official (AO)
• Ensure the removal and retirement of ISs being decommissioned, in coordination with the SO, ISSO, and ISSR

Required Qualifications:

• Current U.S. Government Top Secret Clearance w/ SCI and a CI-Polygraph eligibility
• At least 7 years serving as an ISSR or related position at a cleared facility
• Minimum of 10 years work experience in a computer science or Cybersecurity related field
• Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications
• Hold at least one of the following certifications:
• Certified Information Systems Security Professional (CISSP) or associate
• Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level III proficiency (CCISO, CCSP, CISM, GSLC, GCED, GCIH)

Preferred Education:

• A bachelor’s and/or advanced degree in computer science, business management, or IT-related discipline.

Details:

• Job Title: Information System Security Representative (ISSR)
• Location: Washington, DC 20032
• Clearance Requirement: Active Top-Secret Clearance w/ SCI and a CI-Polygraph eligibility
• Assignment Type: Full-time, Onsite
• Salary Range: $120,000 - $150,000 per year with benefits:
• Competitive salary for well qualified applicants
• Relocation assistance available for highly qualified candidates
• 401(k) plan
• Annual performance bonus
• Certification and advanced degree attainment bonuses
• Student Loan / Tuition reimbursement
• Health Care Insurance (medical, dental, vision)
• Up to four weeks of paid vacation
• 11 Federal Holidays, and 3 Floating Holidays
• Team bonding events