Job Details

Information System Security Officer (ISSO)

Bethesda, MD | Contract

Job ID:

2301A-006SO

Duration:

Long Term

Experience:

5-7 years

Career Level:

Senior Level

Compensation:

DOE

Industry:

Information Technology and Services

Job Description

Responsibilities:

The selected candidate shall provide Information System Security Officer (ISSO) and Acting Information Security Officer (AISSO) support to designated federal ISSOs to ensure customer systems maintain their Authority to Operate (ATO) with a security posture in accordance with DHS 4300A Rev 4 and NIST SP 800-53A Rev4 guidance. This support shall include providing IT security assessment and IT security audit functions to ensure FISMA compliance, support in developing and maintaining documentation in support of Certification & Accreditation (C&A) as required by the Federal Information Security Management Act (FISMA); ensuring all C&A and system security documentation (Security Plan, Privacy Threshold Analysis, Privacy Impact Assessment, e-Authentication, FIPS-199, Business Impact Analysis) is kept up to date or create C&A documentation when needed; and ensuring systems meet all security requirements mandated by DHS 4300A and DHS Management Directives.

Requirements & preferred skills:

  • The candidate MUST HAVE a technical background i.e. previous experience as a Systems Administrator/Engineer, Network Architect/Engineer, Software Architect/Developer vs. someone who has only created security documentation.
  • Follow the Information Systems Security Officer (ISSO) Guide, V10, when developing, updating, or reviewing required security artifacts in the Xacta Information Assurance Manager. Ensure proper access controls are implemented for both system access and physical access to data processing facilities
  • Create, update and assess compliance of system Authority to Operate (ATO) packages
  • Provide information security expertise to system development teams throughout the System Engineering Lifecycle process.
  • Ensure Plan of Action & Milestone (POA&M) and other compliance and vulnerability issues are remediated in a timely fashion.
  • Any DoD 8570 approved baseline certifications (e.g. CISSP, CEH, CAP, CISM)
  • Ensure proper access controls are implemented for both system access and physical access to data processing facilities
  • Experienced with creating Security Plan, Privacy Threshold Analysis, Privacy Impact Assessment, e-Authentication, FIPS-199, Business Impact Analysis.
  • Independently manages workload and provides guidance to less experienced staff
  • At least five years of experience with FISMA Compliance and the NIST RMF
  • Demonstrated expertise in SELC, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security, activities related to Ongoing Authorization
  • Knowledge of information security best practices, Enterprise Architecture
  • Experience with Xacta IA manager, Nessus Security Center, Splunk, FedRAMP, Data Centers, AWS, and prior DHS experience strongly preferred

Clearance Required:

  • Ideally, someone with current DHS clearance/EOD suitability.
  • OR, someone with an active clearance from any other agency.
  • Candidate MUST BE a US Citizen with an ability to obtain DHS suitability /Public Trust clearance.

Education:

Typically requires B.S. degree in computer science, systems engineering, or electrical engineering, or industry equivalent experience required, and minimum of 5 years of related experience in information security.


Similar Jobs