What are the responsibilities and job description for the Information System Security Officer position at TechTrend, Inc.?
Information System Security Officer
In this position, you are an Information System Security Officer responsible for providing security-related support services to the users of cloud services, system owner, infrastructure and platform engineering resources to maintain/enhance the system’s security posture. You will support or security related efforts to implement security requirements to provide new features to cloud services or perform independent audits to ensure compliance with federal policies and requirements.
Essential Functions:
- Author and update security authorization documents (e.g., System Characterization Documents, System Security Plans, Asset Inventories, Polices and Procedures, architecture/data flow diagrams, etc.) to support annual security assessments and minor/significant changes
- Coordinate with stakeholders to implement policies and procedures, to include annual updates or as needed to address changes in the system’s authorization boundary
- Configure, monitor and review audit logs using native cloud security monitoring tools
- Implement automation and leverage Artificial Intelligence to improve operational efficiency
- Conduct security risk assessment, review security scan results, assess security vulnerabilities and support the development/tracking of Plan of Action and Milestones (POA&Ms) mitigation and/or risk acceptance
- Research security enhancements, document the security architecture and data flows to comply with security policies and controls
- Stay up-to-date on information technology trends and security standards.
Qualifications:
- Education: Minimum of high school diploma (Bachelor’s degree in Computer Science or similar technical discipline preferred)
- Experience: At least 5 years of providing Information System Security Officer support
- Domain: At least 3 years’ experience in one or more technology domains in cloud computing with Azure and Google, and DevSecOps processes and tool suite
- Certification: CISSP or equivalent
- Familiarity with security scanning tools such Tenable's Nessus, Defender for Cloud, Security Command Center, OWSAP ZAP, AppDetectivePro, WebInspect or equivalent
- Thorough knowledge of FedRAMP, CMMC and NIST 800-53 Rev 5, Federal Information Processing Standards (FIPS) and other significant federal regulations.
- Knowledge of the DoW Cloud Computing Security Requirements Guide (CC SRG), which defines Impact Levels (ILs) for cloud environments is a plus.
- Excellent interpersonal skills, including the ability to work on multi-functional teams
Job Location
- Hybrid (3 times a week)- Must live within commutable distance to Reston, VA
Competitive Benefits:
- Medical, Dental & Vision coverage
- Life Insurance
- Short, Long Term Disability Insurance
- PTO & Federal Holidays Off
- 401(k) Plan (Matching component included)
About TechTrend
TechTrend, Inc. is a veteran-friendly small business providing expert solutions, products, and services to the Federal government. Founded in 2003, we continue to evolve with capabilities in application development, artificial intelligence, DevSecOps, cloud enablement, and application development. We are a Microsoft Gold Partner and leading provider of Azure cloud services, to include partnership with AWS and GCP. TechTrend is recognized as a trusted partner delivering knowledge and guidance for our client’s most critical and complex support and service needs. As a liaison for positive organizational change, we form relationships and build bridges while ensuring quality across functions—gaining buy-in from both leaders and end-users and removing barriers to mission success. Our established processes ensure quality delivery of results by maximizing efficiency, productivity, and client satisfaction enterprise wide.