Information Systems Security Officer (ISSO)

Arlington, VA

Qualifications:

• Active Secret clearance

• Must be able to obtain a TS/SCI clearance

• Must be able to obtain DHS Suitability

Job Summary:

We are looking for an Information Systems Security Officer (ISSO) to support the design, development, and deployment of advanced cybersecurity capabilities.

Job Responsibilities:

· Leading all cyber security activities required to maintain ATO for assigned systems within the customer’s lab environment

· Providing support for facilitating and helping the lab identify its current security infrastructure and define future programs, design, and implementation of security related to lab systems

· Assisting the efforts of security staff to design, develop, engineer, and implement solutions to security requirements

· Implementation and development of the customer’s IT security plans

· Gathering and organizing technical information about the lab’s mission goals and needs, existing security products, and ongoing programs

· Performing risk analyses which also includes risk assessment

· Providing support to plan, coordinate, and implement the lab’s System Security Plan

· Coordinating with the appropriate stakeholders to create, update, and maintain security-related documentation and reporting as required

· Supporting a variety of Security related tasking which may include:

o Develop and maintain Privacy Threshold Analysis and assist with Privacy Impact Assessment Develop, maintain, and facilitate Contingency Plan and Contingency Plan Test

o Develop, maintain, and facilitate Configuration Management Plan and update Security Plan when applicable

o Develop, maintain, facilitate system Incident Response Plan

o Perform Annual Self-Assessment of system security controls CND policies, procedures, and regulations

Job Required Qualifications:

· Bachelor’s degree in Information Security, Cyber Engineering, or a related discipline is required.

· Active Secret clearance

· Must be able to obtain a TS/SCI clearance

· Must be able to obtain DHS Suitability

· 6 years of directly relevant experience in information security management

· Experience working on multiple complex assignments that are broad, requiring originality and innovation in determining how to accomplish tasks

· Ability to apply comprehensive knowledge across key tasks and high-impact assignments

· Knowledge of Computer Network Defense (CND) policies, procedures & regulations

· Knowledge of defense-in-depth principles and network security architecture

· Beginning to end Knowledge of Risk Management Framework (RMF) and Assessment and Authorization (A&A) documentation to include SSP, Contingency, Incident & Configuration Mgmt. planning.

· Experience establishing and maintaining good working relationships at all levels of the organization, including customers, internal management

· Demonstrated understanding of security practices in a hybrid on-premise/cloud environment; hardware/software security implementation; different communication protocols; encryption techniques/ tools; familiarity with commercial products, and lab infrastructure technology;

· Demonstrated understanding of cyber security tools such as Firewalls, SIEM, PCAP, and cloud-native security offerings

· Understanding of boundary protection and enclaving

· Understanding of authentication and access management technologies.

· Excellent written and oral communication skills

· Must be able to work collaboratively with internal and external stakeholders across physical locations

Job Desirable Skills:

· Experience working collaboratively with stakeholders at various levels across the organization

· Experience with AWS security-related services/resources: Guard Duty, CloudTrail, Security Hub, Amazon Inspector, Secrets Manager, IAM, Etc.

· Experience with Xacta and Continuum

· Experience with Splunk, Tenable, Tanium, and EndGame

· Experience with Net App

Job Type: Full-time

Benefits:

• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance

Schedule:

• Monday to Friday

Application Question(s):

• Risk Management Framework (RMF) and Assessment and Authorization (A&A) documentation to include SSP, Contingency, Incident & Configuration Mgmt. planning.
• 2 Years of demonstrated understanding of security practices in a hybrid on-premise/cloud environment; hardware/software security implementation; different communication protocols; encryption techniques/ tools; familiarity with commercial products, and lab infrastructure technology;
• 2 Years of demonstrated understanding of cyber security tools such as Firewalls, SIEM, PCAP, and cloud-native security offerings
• Must be able to obtain a TS/SCI clearance

Experience:

• Information Systems Security Officer (ISSO: 6 years (Required)
• Computer Network Defense (CND) policies: 4 years (Required)
• defense-in-depth principles and network security: 3 years (Required)

Security clearance:

• Secret (Required)

Work Location: In person