Description

The Health and Civil Sector are actively seeking Information Systems Security Officers (ISSO) with a minimum of ten (10) years' experience. This opportunity is supporting the customer's Accreditation and Authorization (A&A) projects at the Group organizational level and is therefore supporting across various levels within the customer organization.

Role requires US Citizen with the ability to obtain a Public Trust level 4 clearance.

MUST be local to the DC Metro area for onsite meetings in Washington, DC as needed

Role will primarily telecommute, onsite requirement may vary.

• Develops, reviews, evaluates, and verifies self-testing results to validate enclave security requirements for organizational security policies) are met for Cloud technical systems for the government portfolio.
• Perform Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation.
• Evaluation of the assigned information systems' security control compliance with the federal requirements and the client's monitoring strategy.
• Management of emerging and defined risks associated with the administration and use of assigned information systems.
• Coordination with the client's Cybersecurity team to achieve and maintain the information systems' compliance and authorization to operate (ATO).
• Ensuring systems are operated, maintained, and disposed of in accordance with policies outlined in the approved security authorization package.
• Performing annual assessments to ensure compliance with the client's policies and standards.
• Serve as a member of the Change Control Board (CCB) to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented.
• Ensuring information system security requirement are addressed during all phases of information systems lifecycle.
• Work within a team environment to provide technically sound guidance order to adhere to the cybersecurity industry best practices and the client's monitoring strategy.
• Analyze collected information to identify vulnerabilities and potential for exploitation and effectively present the results and guidance derived from scans to system owners or other leadership, as required.
• Effectively communicate orally and in writing to track and detail the demands, efforts, and shortcomings in meeting the goals of the client's information system monitoring strategy.
• Support the integration/testing, operations, and maintenance of systems security.
• Develops, updates, and maintains internal Standard Operating Procedures for all internal assigned functions.

• Education, Experience & Skills
  • BA/BS and n10+ years' experience
  • Previous ISSO experience directly supporting the customer
  • Public, private and hybrid Cloud experience (AWS, Microsoft Azure, etc.)
• Certifications: At least 1 is required
  • CISSP or GSLC certifications
• hhsnih